Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help my pc is out of control with pop ups and redirects

Started by Brenda50 , Oct 11 2014 05:55 PM
malware redirects pop ups

  • This topic is locked This topic is locked

#1
Brenda50
Posted 11 October 2014 - 05:55 PM

Brenda50

    Member

  • Member
  • PipPip
  • 30 posts

Please help my pc is out of control as if it is possessed the moment I go on line and even before.  I don't even recognize my google browser instead I get something called Safe Finder  and all kinds of pop ups telling me to upgrade all sort of things. Here is my otl report as your site suggested  

 

 OTL logfile created on: 10/11/2014 6:28:46 PM - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brenda\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17278)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.88 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 61.66% Memory free
6.01 Gb Paging File | 3.92 Gb Available in Paging File | 65.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.90 Gb Total Space | 330.57 Gb Free Space | 72.51% Space Free | Partition Type: NTFS
 
Computer Name: BRENDAPC | User Name: Brenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/10 13:17:27 | 000,383,896 | ---- | M] (HQuality3V05.10) -- C:\Program Files (x86)\HQuality-v3V05.10\22eb117c-b529-406e-8f0f-d191202cd9b1.exe
PRC - [2014/10/10 13:16:51 | 001,318,808 | ---- | M] (HQuality3V05.10) -- C:\Program Files (x86)\HQuality-v3V05.10\4e250024-6600-404c-ba9b-838317176ea2-6.exe
PRC - [2014/10/10 13:16:11 | 000,068,608 | ---- | M] (globalUpdate) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
PRC - [2014/09/29 01:38:12 | 004,834,816 | ---- | M] () -- C:\Windows\score.exe
PRC - [2014/08/27 16:34:56 | 000,034,848 | ---- | M] () -- C:\Program Files (x86)\LPT\srptsl.exe
PRC - [2014/08/27 16:34:56 | 000,032,800 | ---- | M] () -- C:\Program Files (x86)\LPT\srpts.exe
PRC - [2014/08/27 16:34:56 | 000,023,072 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\srptm.exe
PRC - [2014/08/27 16:34:22 | 000,028,192 | ---- | M] (Smartbar) -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.exe
PRC - [2014/08/27 16:33:50 | 000,023,584 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Lrcnta.exe
PRC - [2014/08/04 19:37:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Downloads\OTL.exe
PRC - [2014/05/22 10:44:36 | 001,082,240 | ---- | M] () -- C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/03/18 06:13:58 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWAHost.exe
PRC - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2012/11/28 11:05:52 | 004,047,208 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/11/26 00:19:48 | 000,492,904 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/06/02 00:47:48 | 000,143,888 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/03/26 17:35:16 | 000,449,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/18 00:07:58 | 008,013,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2014/09/18 00:07:58 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll
MOD - [2014/09/18 00:07:57 | 000,146,464 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2014/09/14 20:58:04 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\0e8df08ded9407504af7dc9af2f9823a\System.Web.Services.ni.dll
MOD - [2014/09/14 20:57:59 | 011,926,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\c3f52de50de9e5a83295ac536b8d8760\System.Web.ni.dll
MOD - [2014/09/14 08:44:18 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\462e6667cb4ef74abec9524d96c4d7d5\System.Xml.ni.dll
MOD - [2014/09/14 08:44:18 | 000,392,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\11074f4f817acf22f6b7e1ca2a634aae\System.Xml.Linq.ni.dll
MOD - [2014/09/14 08:44:11 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\dd08601ab40a3c0743ee8d7b4350debe\System.Xaml.ni.dll
MOD - [2014/09/14 08:44:09 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cc272fa4bc8ae7c468e3c75a57ae3c72\System.Windows.Forms.ni.dll
MOD - [2014/09/14 08:43:31 | 001,169,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\aa464a63150c9ca092f10c752091c73b\System.Management.ni.dll
MOD - [2014/09/14 08:43:30 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\9e99d85dfa5a3de8e34fe912acf82021\System.Drawing.ni.dll
MOD - [2014/09/14 08:43:19 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\04d455ea050b547ca661a16509fe4638\System.Configuration.ni.dll
MOD - [2014/09/14 08:43:18 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\165bbf987a17d5254aeb43e769ab02f7\PresentationFramework.Aero2.ni.dll
MOD - [2014/09/14 08:43:16 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\201ff175176fa9f3f7930492d6f8e140\PresentationFramework.ni.dll
MOD - [2014/09/14 08:43:00 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\137698b247bb9989ebaf0a9c9528f17a\PresentationCore.ni.dll
MOD - [2014/09/14 08:42:50 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\358c6ca55986bf6ef35d4de5806f3f99\WindowsBase.ni.dll
MOD - [2014/09/13 17:32:20 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\5e8ea4bc2ddce0edd65f5c68b7241c06\System.Core.ni.dll
MOD - [2014/09/13 17:31:24 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3028925cf331e81d2b55093a3f131bd5\System.ni.dll
MOD - [2014/08/27 16:35:00 | 000,070,176 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\srut.dll
MOD - [2014/08/27 16:35:00 | 000,070,176 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\srut.dll
MOD - [2014/08/27 16:34:58 | 000,029,216 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\srsbs.dll
MOD - [2014/08/27 16:34:56 | 000,023,072 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\srptm.exe
MOD - [2014/08/27 16:34:54 | 000,081,952 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\srpt.dll
MOD - [2014/08/27 16:34:54 | 000,042,528 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\srptc.dll
MOD - [2014/08/27 16:34:52 | 000,031,264 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\srom.dll
MOD - [2014/08/27 16:34:52 | 000,024,608 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\srpdm.dll
MOD - [2014/08/27 16:34:52 | 000,024,608 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\srpdm.dll
MOD - [2014/08/27 16:34:48 | 000,255,008 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\srns.dll
MOD - [2014/08/27 16:34:46 | 000,047,136 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\srbu.dll
MOD - [2014/08/27 16:34:46 | 000,047,136 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\srbu.dll
MOD - [2014/08/27 16:34:46 | 000,027,680 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\sreu.dll
MOD - [2014/08/27 16:34:44 | 000,086,048 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\srau.dll
MOD - [2014/08/27 16:34:42 | 000,067,616 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\sppsm.dll
MOD - [2014/08/27 16:34:42 | 000,067,616 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\sppsm.dll
MOD - [2014/08/27 16:34:42 | 000,066,592 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\spbl.dll
MOD - [2014/08/27 16:34:42 | 000,030,752 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\smtu.dll
MOD - [2014/08/27 16:34:40 | 000,150,560 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\smti.dll
MOD - [2014/08/27 16:34:40 | 000,073,760 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\smsp.dll
MOD - [2014/08/27 16:34:40 | 000,038,432 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\smta.dll
MOD - [2014/08/27 16:34:34 | 000,061,984 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2014/08/27 16:34:34 | 000,035,360 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2014/08/27 16:34:32 | 000,158,240 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2014/08/27 16:34:32 | 000,158,240 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2014/08/27 16:34:32 | 000,027,168 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2014/08/27 16:34:32 | 000,027,168 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\Smartbar.Personalization.Common.dll
MOD - [2014/08/27 16:34:30 | 000,044,064 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
MOD - [2014/08/27 16:34:26 | 000,165,920 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2014/08/27 16:34:26 | 000,165,920 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
MOD - [2014/08/27 16:34:26 | 000,065,568 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2014/08/27 16:34:24 | 002,425,376 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2014/08/27 16:34:24 | 000,050,208 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2014/08/27 16:34:24 | 000,014,880 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2014/08/27 16:34:22 | 000,696,864 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2014/08/27 16:34:22 | 000,078,880 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2014/08/27 16:34:18 | 000,014,368 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\siem.dll
MOD - [2014/08/27 16:34:18 | 000,011,808 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\sidc.dll
MOD - [2014/08/27 16:34:16 | 000,193,056 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\sgmu.dll
MOD - [2014/08/27 16:34:16 | 000,024,096 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\sgml.dll
MOD - [2014/08/27 16:34:02 | 000,018,976 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\Smartbar.Common.dll
MOD - [2014/08/27 16:33:58 | 000,026,144 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\ProxySettings.dll
MOD - [2014/08/27 16:33:56 | 000,052,768 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\Proxy.Lib.dll
MOD - [2014/08/27 16:33:52 | 000,043,552 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
MOD - [2014/08/27 16:33:50 | 000,032,800 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\lrcnt.dll
MOD - [2014/08/27 16:33:50 | 000,023,584 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\Lrcnta.exe
MOD - [2014/08/26 14:13:42 | 000,059,392 | ---- | M] () -- C:\Users\Brenda\AppData\Local\LPT\Community.CsharpSqlite.SQLiteClient.dll
MOD - [2014/08/14 09:56:22 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\487db41fefa880fce5153664d6bc4bc6\System.Transactions.ni.dll
MOD - [2014/08/14 09:56:04 | 000,141,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1d3f8028ffcdf8e9393d664dfa4f87b3\System.Configuration.Install.ni.dll
MOD - [2014/08/14 09:56:02 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\27dc8e491e32361eaff0b88f0befc197\System.Configuration.ni.dll
MOD - [2014/08/14 09:55:28 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\314786c0ad6b74f19b64f46ea84a90ac\CustomMarshalers.ni.dll
MOD - [2014/08/14 09:55:23 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\a8a310b81c76f8e79a1a7fc309a098bf\Accessibility.ni.dll
MOD - [2014/08/13 12:16:04 | 005,467,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\8006a5df62f0c127d15db16d3a8c68f8\System.Xml.ni.dll
MOD - [2014/08/13 12:15:57 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6ec0cbaebf2932db68d8cc77b5e9b4e9\System.Windows.Forms.ni.dll
MOD - [2014/08/13 12:15:47 | 001,051,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\8d2ca09eec4f48222ac4acc00b68a376\System.Management.ni.dll
MOD - [2014/08/13 12:15:46 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f6ff4eab6e6bb587d62c3975fcbbca30\System.Drawing.ni.dll
MOD - [2014/08/13 12:15:44 | 006,657,024 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\3cd1588d00d2f95ec8d6e581e7f3c577\System.Data.ni.dll
MOD - [2014/08/13 12:15:05 | 003,350,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\bf4490c2ed2831228e646e48da1df643\WindowsBase.ni.dll
MOD - [2014/08/13 12:15:00 | 007,993,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\a500ec9c4638c6ba200d7b55324709f2\System.ni.dll
MOD - [2014/08/13 12:14:53 | 011,500,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/08/13 02:08:27 | 002,972,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014/08/13 02:08:27 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2014/08/13 02:08:27 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2014/08/13 02:08:24 | 000,745,472 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 12:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/05/22 10:44:36 | 001,082,240 | ---- | M] () -- C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
MOD - [2014/05/12 11:21:54 | 000,061,440 | ---- | M] () -- C:\Users\Brenda\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
MOD - [2014/03/18 06:13:46 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013/08/03 00:41:51 | 000,172,032 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
MOD - [2013/08/03 00:41:51 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2012/06/08 15:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/10 21:11:53 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2014/09/12 10:53:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/13 02:14:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/08/13 02:14:39 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/08/13 02:02:49 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/08/13 02:02:49 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/13 02:01:58 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/08/13 02:01:58 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/07/24 03:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/05/21 00:33:44 | 000,314,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/03/18 06:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 06:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 06:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 06:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 06:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 06:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 06:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 06:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/08/31 19:24:58 | 000,201,360 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/10/10 13:16:11 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem)
SRV - [2014/10/10 13:16:11 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate)
SRV - [2014/09/29 01:38:12 | 004,834,816 | ---- | M] () [Auto | Running] -- C:\Windows\score.exe -- (scores)
SRV - [2014/08/27 16:34:56 | 000,032,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\LPT\srpts.exe -- (LPTSystemUpdater)
SRV - [2014/08/13 02:01:58 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/05/21 00:33:48 | 000,278,344 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/12/28 14:41:58 | 000,226,944 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/06/19 18:33:06 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/14 20:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/08/13 02:14:40 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/08/13 02:14:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/08/13 02:14:39 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/08/13 02:03:14 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/08/13 02:02:49 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/08/13 02:02:49 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/08/13 02:02:49 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/04 11:40:48 | 000,061,528 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}w64.sys -- ({6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}w64)
DRV:64bit: - [2014/08/04 11:40:48 | 000,061,528 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw64.sys -- ({6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw64)
DRV:64bit: - [2014/07/24 11:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 11:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 07:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/21 00:33:36 | 003,791,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/05/06 18:39:17 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/05/06 18:39:17 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014/03/18 06:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 06:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 06:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 06:13:01 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/03/18 06:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 06:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 06:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 06:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 06:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 06:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 06:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 05:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 05:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/12/28 14:19:48 | 000,578,792 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/12/28 14:19:40 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/12/28 14:19:36 | 000,115,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/12/28 14:19:36 | 000,089,320 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/12/28 14:19:36 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/12/28 14:19:34 | 000,345,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/12/16 20:21:30 | 003,735,040 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/10/27 02:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/20 20:39:12 | 000,454,968 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/09/20 20:39:10 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/09/20 20:39:10 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/05 02:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/02 19:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 14:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 12:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 04:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.zyngaplayersupport.com [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...Z-ajrppXLIGHMtg,
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@popularscreensavers.com/Plugin: C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll (popularscreensavers.com)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ConsumerInput@Compete: C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi [2014/09/23 09:12:30 | 000,510,118 | ---- | M] ()
 
[2014/01/21 11:10:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brenda\AppData\Roaming\mozilla\Extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\BETTERSURF\BETTERSURFPLUS\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIABUZZV1\MEDIABUZZV1MODE3344\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAPLAYERV1\MEDIAPLAYERV1ALPHA485\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWERV1\MEDIAVIEWERV1ALPHA221\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA1935\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA9027\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAWATCHV1\MEDIAWATCHV1HOME831\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\RICHMEDIAVIEWV1\RICHMEDIAVIEWV1RELEASE7142\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\TRUSTMEDIAVIEWERV1\TRUSTMEDIAVIEWERV1ALPHA2867\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA1213\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA42\FF
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: HQuality-v3V05.10 = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb\1.26.53_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: HQuality-v3V05.10 = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb\1.26.53_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HQuality-v3V05.10) - {11111111-1111-1111-1111-110611171162} - C:\Program Files (x86)\HQuality-v3V05.10\HQuality-v3V05.10-bho64.dll (HQuality3V05.10)
O2:64bit: - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O2 - BHO: (HQuality-v3V05.10) - {11111111-1111-1111-1111-110611171162} - C:\Program Files (x86)\HQuality-v3V05.10\HQuality-v3V05.10-bho.dll (HQuality3V05.10)
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Rich Media View) - {59dcb6e8-6cc8-4903-a78c-00356115d270} - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ie\RichMediaViewV1release7142.dll File not found
O2 - BHO: (no name) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [DellWPF] C:\Program Files\Synaptics\SynTP\DellTouchpad.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.exe (Smartbar)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: genieo.com ([search] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A208A2D-31F3-4054-A7C3-77DEA77EDF72}: DhcpNameServer = 10.100.25.50 10.10.1.56 10.10.1.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5469380C-05E5-474B-B8CB-FA6ABBE08F6F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Users\Brenda\AppData\Local\Smartbar\Application\Resources\crdlil64.dll) - C:\Users\Brenda\AppData\Local\Smartbar\Application\Resources\crdlil64.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/11 14:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Config
[2014/10/11 14:44:56 | 000,000,000 | R--D | C] -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/10/10 13:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Setup Support for Consumer Input
[2014/10/10 13:18:44 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Compete
[2014/10/10 13:18:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Consumer Input
[2014/10/10 13:17:06 | 001,544,600 | ---- | C] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\CYHPK.exe
[2014/10/10 13:16:31 | 002,015,640 | ---- | C] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\OQERG.exe
[2014/10/10 13:16:13 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\globalUpdate
[2014/10/10 13:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/10/10 13:16:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HQuality-v3V05.10
[2014/09/30 18:01:28 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/30 18:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/09/18 00:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LPT
[2014/09/18 00:07:55 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\LPT
[2014/09/18 00:07:54 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Smartbar
[2014/09/17 10:23:02 | 002,084,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014/09/17 10:23:01 | 013,423,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/09/17 10:23:01 | 002,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014/09/17 10:23:01 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/09/17 10:22:58 | 011,818,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/09/17 10:22:56 | 002,860,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/09/17 10:22:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014/09/17 10:22:55 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014/09/17 10:22:34 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2014/09/17 10:22:34 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcpmon.dll
[2014/09/17 10:19:11 | 016,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/09/17 10:19:09 | 002,642,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/09/17 10:19:09 | 002,318,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/09/17 10:19:04 | 012,730,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/09/17 10:19:00 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/09/17 10:18:58 | 008,652,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/09/17 10:18:57 | 007,424,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/09/17 10:18:55 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/09/17 10:18:54 | 002,389,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/09/17 10:18:50 | 002,696,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/09/17 10:18:41 | 002,141,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/09/17 10:18:35 | 002,145,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/09/17 10:18:27 | 001,600,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014/09/17 10:18:24 | 001,231,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/09/17 10:18:17 | 000,818,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/09/17 10:18:16 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/09/17 10:18:15 | 000,674,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/09/17 10:18:14 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/09/17 10:18:11 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/09/17 10:18:10 | 002,574,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014/09/17 10:18:07 | 000,707,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014/09/17 10:18:06 | 000,882,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014/09/17 10:18:05 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2014/09/17 10:18:04 | 001,182,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2014/09/17 10:18:01 | 002,410,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014/09/17 10:17:57 | 001,287,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/09/17 10:17:57 | 000,475,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2014/09/17 10:17:55 | 001,992,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2014/09/17 10:17:52 | 000,486,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/09/17 10:17:51 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014/09/17 10:17:50 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2014/09/17 10:17:49 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/09/17 10:17:47 | 000,391,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/09/17 10:17:44 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2014/09/17 10:17:43 | 001,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/09/17 10:17:42 | 001,741,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2014/09/17 10:17:41 | 000,412,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/09/17 10:17:39 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/09/17 10:17:37 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/09/17 10:17:34 | 000,889,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/09/17 10:17:34 | 000,355,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/09/17 10:17:33 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2014/09/17 10:17:30 | 000,645,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014/09/17 10:17:29 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/09/17 10:17:25 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2014/09/17 10:17:24 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2014/09/17 10:17:21 | 000,180,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2014/09/17 10:17:20 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2014/09/17 10:17:18 | 000,205,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2014/09/17 10:17:16 | 000,477,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014/09/17 10:17:15 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/09/17 10:17:14 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2014/09/17 10:17:13 | 001,660,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/09/17 10:17:13 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/09/17 10:17:13 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2014/09/17 10:17:10 | 000,468,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/09/17 10:17:08 | 001,519,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/09/17 10:17:05 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wisp.dll
[2014/09/17 10:17:04 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014/09/17 10:17:02 | 001,488,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/09/17 10:17:02 | 001,417,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/09/17 10:16:58 | 001,356,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/09/17 10:16:57 | 001,463,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2014/09/17 10:16:50 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/09/17 10:16:49 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/09/17 10:16:47 | 000,160,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmmbase.dll
[2014/09/17 10:16:46 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2014/09/17 10:16:42 | 003,360,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/09/17 10:16:42 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014/09/17 10:16:41 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2014/09/17 10:16:39 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014/09/17 10:16:38 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/09/17 10:16:37 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/09/17 10:16:35 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014/09/17 10:16:35 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014/09/17 10:16:33 | 001,404,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2014/09/17 10:16:33 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/09/17 10:16:32 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll
[2014/09/17 10:16:30 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/09/17 10:16:29 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/09/17 10:16:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2014/09/17 10:16:27 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmmbase.dll
[2014/09/17 10:16:25 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014/09/17 10:16:25 | 000,211,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2014/09/17 10:16:22 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wisp.dll
[2014/09/17 10:16:20 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/09/17 10:16:18 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2014/09/17 10:16:17 | 000,387,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2014/09/17 10:16:17 | 000,233,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/09/17 10:16:14 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2014/09/17 10:16:13 | 000,335,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2014/09/17 10:16:12 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys
[2014/09/17 10:16:08 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2014/09/17 10:16:08 | 000,123,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmm.dll
[2014/09/17 10:16:07 | 000,125,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014/09/17 10:16:05 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014/09/17 10:16:04 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll
[2014/09/17 10:16:02 | 001,705,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/09/17 10:16:01 | 000,923,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/09/17 10:15:59 | 001,319,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2014/09/17 10:15:57 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prnntfy.dll
[2014/09/17 10:15:56 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/09/17 10:15:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2014/09/17 10:15:52 | 001,089,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2014/09/17 10:15:51 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prnntfy.dll
[2014/09/17 10:15:50 | 001,290,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2014/09/17 10:15:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2014/09/17 10:15:44 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2014/09/17 10:15:40 | 000,180,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2014/09/17 10:15:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2014/09/17 10:15:37 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014/09/17 10:15:35 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/09/17 10:15:33 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/09/17 10:15:30 | 000,263,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014/09/17 10:15:28 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014/09/17 10:15:28 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2014/09/17 10:15:26 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/09/17 10:15:26 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014/09/17 10:15:24 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014/09/17 10:15:24 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2014/09/17 10:15:21 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/09/17 10:15:20 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2014/09/17 10:15:17 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenter.dll
[2014/09/17 10:15:15 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2014/09/17 10:15:14 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/09/17 10:15:13 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/09/17 10:15:11 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014/09/17 10:15:07 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2014/09/17 10:15:06 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014/09/17 10:15:04 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2014/09/17 10:15:02 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2014/09/17 10:15:00 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/09/17 10:14:58 | 000,659,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2014/09/17 10:14:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2014/09/17 10:14:51 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenter.dll
[2014/09/17 10:14:50 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2014/09/17 10:14:49 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2014/09/17 10:14:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRUM.DLL
[2014/09/17 10:14:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRUM.DLL
[2014/09/17 10:14:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/09/17 10:14:42 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/09/17 10:14:38 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2014/09/17 10:14:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU.DLL
[2014/09/17 10:14:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDBASH.DLL
[2014/09/17 10:14:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDYAK.DLL
[2014/09/17 10:14:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU1.DLL
[2014/09/17 10:14:31 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothApis.dll
[2014/09/17 10:14:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU.DLL
[2014/09/17 10:14:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU1.DLL
[2014/09/17 10:14:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDBASH.DLL
[2014/09/17 10:14:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDYAK.DLL
[2014/09/17 10:14:18 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014/09/17 10:14:16 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014/09/17 10:14:14 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2014/09/17 10:14:13 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014/09/17 10:14:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTAT.DLL
[2014/09/17 10:14:11 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2014/09/17 10:14:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTAT.DLL
[2014/09/17 10:14:09 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compstui.dll
[2014/09/17 10:14:08 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BluetoothApis.dll
[2014/09/17 10:14:07 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014/09/17 10:14:06 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/09/17 10:14:01 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014/09/17 10:14:00 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/09/17 10:13:58 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/09/17 10:13:57 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/09/17 10:13:55 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/09/17 10:13:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTT102.DLL
[2014/09/17 10:13:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTT102.DLL
[2014/09/17 10:07:51 | 000,146,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014/09/16 21:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/09/16 21:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/09/12 10:52:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/09/12 10:52:17 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/09/12 10:52:11 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/09/12 10:52:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/09/12 10:52:08 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/09/12 10:52:07 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/09/12 10:52:07 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/09/12 10:51:59 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/09/12 10:51:59 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/09/12 10:51:55 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/09/12 10:51:55 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/09/12 10:51:48 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/09/12 10:51:48 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/09/12 10:51:48 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/09/12 10:51:48 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/09/12 10:51:30 | 002,104,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/09/12 10:51:30 | 002,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/09/12 10:51:25 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[10 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/11 18:40:00 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\CIMT_S-1-5-21-2564139484-152270176-2040777850-1001.job
[2014/10/11 18:31:05 | 000,004,170 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-6.job
[2014/10/11 18:23:04 | 000,000,988 | ---- | M] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineUA.job
[2014/10/11 18:17:02 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job
[2014/10/11 14:49:51 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/11 14:49:51 | 000,732,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/11 14:49:51 | 000,136,262 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/11 14:45:17 | 000,002,487 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/11 14:45:16 | 000,002,485 | ---- | M] () -- C:\Users\Brenda\Desktop\Google Chrome.lnk
[2014/10/11 14:45:14 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/11 14:44:11 | 000,004,170 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-3.job
[2014/10/11 14:44:09 | 000,005,196 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-11.job
[2014/10/11 14:44:06 | 000,001,358 | ---- | M] () -- C:\WINDOWS\tasks\CYHPK.job
[2014/10/11 14:44:02 | 000,002,122 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-2.job
[2014/10/11 14:44:01 | 000,002,458 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5_user.job
[2014/10/11 14:44:00 | 000,001,358 | ---- | M] () -- C:\WINDOWS\tasks\OQERG.job
[2014/10/11 14:43:58 | 000,002,458 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5.job
[2014/10/11 14:43:56 | 000,004,506 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-4.job
[2014/10/11 14:43:55 | 000,003,826 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-7.job
[2014/10/11 14:43:55 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/10/11 14:43:54 | 000,001,450 | ---- | M] () -- C:\WINDOWS\tasks\22eb117c-b529-406e-8f0f-d191202cd9b1.job
[2014/10/11 14:43:54 | 000,000,652 | ---- | M] () -- C:\WINDOWS\tasks\478c68a8-0496-4731-a071-6c1f8c7c91ad.job
[2014/10/11 14:43:53 | 000,003,134 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-1.job
[2014/10/11 14:43:53 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/10/11 14:43:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/11 14:43:07 | 3336,376,320 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/10 13:18:04 | 000,000,004 | ---- | M] () -- C:\end
[2014/10/10 13:17:06 | 001,544,600 | ---- | M] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\CYHPK.exe
[2014/10/10 13:16:31 | 002,015,640 | ---- | M] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\OQERG.exe
[2014/10/09 07:17:01 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job
[2014/10/08 04:39:44 | 000,110,592 | ---- | M] () -- C:\WINDOWS\SysWow64\installd.exe
[2014/09/30 18:01:27 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/30 17:47:04 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/30 14:04:32 | 000,492,000 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/09/29 01:38:12 | 004,834,816 | ---- | M] () -- C:\WINDOWS\score.exe
[2014/09/18 12:09:39 | 000,139,488 | ---- | M] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/18 00:08:49 | 000,002,413 | ---- | M] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/09/16 21:58:39 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/12 10:54:17 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/09/12 10:53:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/09/12 10:53:37 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/09/12 10:53:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/09/12 10:53:35 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/09/12 10:53:33 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/09/12 10:53:28 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/09/12 10:53:24 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/09/12 10:53:24 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/09/12 10:53:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/09/12 10:53:19 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/09/12 10:53:02 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[10 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/10/10 13:18:41 | 000,000,380 | ---- | C] () -- C:\WINDOWS\tasks\CIMT_S-1-5-21-2564139484-152270176-2040777850-1001.job
[2014/10/10 13:18:20 | 000,000,988 | ---- | C] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineUA.job
[2014/10/10 13:18:20 | 000,000,984 | ---- | C] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/10/10 13:17:32 | 000,002,458 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5_user.job
[2014/10/10 13:17:31 | 000,002,458 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5.job
[2014/10/10 13:17:27 | 000,001,450 | ---- | C] () -- C:\WINDOWS\tasks\22eb117c-b529-406e-8f0f-d191202cd9b1.job
[2014/10/10 13:17:17 | 000,002,122 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-2.job
[2014/10/10 13:17:08 | 000,003,134 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-1.job
[2014/10/10 13:17:07 | 000,001,358 | ---- | C] () -- C:\WINDOWS\tasks\CYHPK.job
[2014/10/10 13:17:00 | 000,004,506 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-4.job
[2014/10/10 13:16:44 | 000,004,170 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-6.job
[2014/10/10 13:16:43 | 000,003,826 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-7.job
[2014/10/10 13:16:39 | 000,000,652 | ---- | C] () -- C:\WINDOWS\tasks\478c68a8-0496-4731-a071-6c1f8c7c91ad.job
[2014/10/10 13:16:33 | 000,005,196 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-11.job
[2014/10/10 13:16:31 | 000,001,358 | ---- | C] () -- C:\WINDOWS\tasks\OQERG.job
[2014/10/10 13:16:16 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/10/10 13:16:14 | 000,004,170 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-3.job
[2014/10/10 13:15:24 | 000,000,004 | ---- | C] () -- C:\end
[2014/10/08 04:39:44 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysWow64\installd.exe
[2014/09/30 18:01:27 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/18 12:09:39 | 000,139,488 | ---- | C] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/18 00:08:49 | 000,002,511 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/09/18 00:08:49 | 000,002,413 | ---- | C] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/09/17 10:13:46 | 000,387,391 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/09/16 21:58:39 | 000,001,797 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/01 04:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\CYHPK
[2014/09/01 04:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\OQERG
[2014/08/22 22:52:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/08/12 19:07:34 | 004,834,816 | ---- | C] () -- C:\WINDOWS\score.exe
[2014/05/21 00:33:38 | 000,348,088 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/05/21 00:33:32 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/05/21 00:33:32 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/03/18 06:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 06:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/21 09:51:26 | 000,000,081 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\WB.CFG
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/04/12 21:28:33 | 000,000,017 | ---- | C] () -- C:\Users\Brenda\AppData\Local\resmon.resmoncfg
[2013/01/26 21:36:27 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/01/26 20:06:17 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2013/01/26 20:06:09 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
 
========== ZeroAccess Check ==========
 
[2014/08/24 12:19:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/07/24 11:20:40 | 021,266,336 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/07/24 09:46:53 | 018,760,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Brenda\OneDrive:ms-properties
 
< End of report >
Thank you in advance for any help you can give

  • 0

Advertisements

#2
zep516
Posted 11 October 2014 - 10:00 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

We need to fix some things using OTL Make sure you copy it all as it's large !
  • Double click on the OTLicon.jpg to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :COMMANDS
[CREATERESTOREPOINT]

:OTL
[2014/09/18 00:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LPT
[2014/09/18 00:07:55 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\LPT
[2014/09/18 00:07:54 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Smartbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.zyngaplayersupport.com [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...Z-ajrppXLIGHMtg,
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
CHR - Extension: HQuality-v3V05.10 = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb\1.26.53_0\
CHR - Extension: HQuality-v3V05.10 = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnanplinmmnjhobaliikmelmmjpoogkb\1.26.53_0\
O2:64bit: - BHO: (HQuality-v3V05.10) - {11111111-1111-1111-1111-110611171162} - C:\Program Files (x86)\HQuality-v3V05.10\HQuality-v3V05.10-bho64.dll (HQuality3V05.10)
O2:64bit: - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
02 - BHO: (HQuality-v3V05.10) - {11111111-1111-1111-1111-110611171162} - C:\Program Files (x86)\HQuality-v3V05.10\HQuality-v3V05.10-bho.dll (HQuality3V05.10)
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No CLSID value found.
O2 - BHO: (Rich Media View) - {59dcb6e8-6cc8-4903-a78c-00356115d270} - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ie\RichMediaViewV1release7142.dll File not found
O2 - BHO: (no name) - {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O20:64bit: - AppInit_DLLs: (C:\Users\Brenda\AppData\Local\Smartbar\Application\Resources\crdlil64.dll) - C:\Users\Brenda\AppData\Local\Smartbar\Application\Resources\crdlil64.dll ()[[2014/10/10 13:18:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Consumer Input
[2014/10/10 13:17:06 | 001,544,600 | ---- | C] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\CYHPK.exe
[2014/10/10 13:16:31 | 002,015,640 | ---- | C] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\OQERG.exe
[10 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[2014/10/11 14:44:11 | 000,004,170 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-3.job
[2014/10/11 14:44:09 | 000,005,196 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-11.job
[2014/10/11 14:44:06 | 000,001,358 | ---- | M] () -- C:\WINDOWS\tasks\CYHPK.job
[2014/10/11 14:44:02 | 000,002,122 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-2.job
[2014/10/11 14:44:01 | 000,002,458 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5_user.job
[2014/10/11 14:44:00 | 000,001,358 | ---- | M] () -- C:\WINDOWS\tasks\OQERG.job
[2014/10/11 14:43:56 | 000,004,506 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-4.job
[2014/10/11 14:43:55 | 000,003,826 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-7.job
[2014/10/11 14:43:55 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job
[2014/10/11 14:43:54 | 000,001,450 | ---- | M] () -- C:\WINDOWS\tasks\22eb117c-b529-406e-8f0f-d191202cd9b1.job
[2014/10/11 14:43:54 | 000,000,652 | ---- | M] () -- C:\WINDOWS\tasks\478c68a8-0496-4731-a071-6c1f8c7c91ad.job
[2014/10/11 14:43:53 | 000,003,134 | ---- | M] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-1.job
[2014/10/11 14:43:53 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/10/10 13:18:04 | 000,000,004 | ---- | M] () -- C:\end
[2014/10/10 13:17:06 | 001,544,600 | ---- | M] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\CYHPK.exe
[2014/10/10 13:16:31 | 002,015,640 | ---- | M] (HQuality3V05.10) -- C:\Users\Brenda\AppData\Roaming\OQERG.exe
[2014/10/10 13:18:41 | 000,000,380 | ---- | C] () -- C:\WINDOWS\tasks\CIMT_S-1-5-21-2564139484-152270176-2040777850-1001.job
[2014/10/10 13:18:20 | 000,000,988 | ---- | C] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineUA.job
[2014/10/10 13:18:20 | 000,000,984 | ---- | C] () -- C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job
[2014/10/10 13:17:32 | 000,002,458 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5_user.job
[2014/10/10 13:17:31 | 000,002,458 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5.job
[2014/10/10 13:17:27 | 000,001,450 | ---- | C] () -- C:\WINDOWS\tasks\22eb117c-b529-406e-8f0f-d191202cd9b1.job
[2014/10/10 13:17:17 | 000,002,122 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-2.job
[2014/10/10 13:17:08 | 000,003,134 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-1.job
[2014/10/10 13:17:07 | 000,001,358 | ---- | C] () -- C:\WINDOWS\tasks\CYHPK.job
[2014/10/10 13:17:00 | 000,004,506 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-4.job
[2014/10/10 13:16:44 | 000,004,170 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-6.job
[2014/10/10 13:16:43 | 000,003,826 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-7.job
[2014/10/10 13:16:39 | 000,000,652 | ---- | C] () -- C:\WINDOWS\tasks\478c68a8-0496-4731-a071-6c1f8c7c91ad.job
[2014/10/10 13:16:33 | 000,005,196 | ---- | C] () -- C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-11.job
[2014/10/10 13:16:31 | 000,001,358 | ---- | C] () -- C:\WINDOWS\tasks\OQERG.job
File not found (No name found) -- C:\PROGRAM FILES (X86)\BETTERSURF\BETTERSURFPLUS\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIABUZZV1\MEDIABUZZV1MODE3344\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAPLAYERV1\MEDIAPLAYERV1ALPHA485\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWERV1\MEDIAVIEWERV1ALPHA221\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA1935\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA9027\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAWATCHV1\MEDIAWATCHV1HOME831\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\RICHMEDIAVIEWV1\RICHMEDIAVIEWV1RELEASE7142\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\TRUSTMEDIAVIEWERV1\TRUSTMEDIAVIEWERV1ALPHA2867\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA1213\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA42\FF

:Files
ipconfig /flushdns /c
C:\Users\Brenda\AppData\Roaming\OQERG.exe
C:\Users\Brenda\AppData\Roaming\CYHPK.exe
C:\WINDOWS\tasks\ConsumerInputUpdateTaskMachineCore.job
C:\WINDOWS\tasks\478c68a8-0496-4731-a071-6c1f8c7c91ad.job
C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-7.job
C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-4.job
C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-3.job
C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-11.job
C:\WINDOWS\tasks\CYHPK.job
C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-2.job
C:\WINDOWS\tasks\4e250024-6600-404c-ba9b-838317176ea2-5_user.job
C:\WINDOWS\tasks\OQERG.job
C:\Program Files (x86)\HQuality-v3V05.10
C:\Program Files (x86)\Consumer Input
C:\Users\Brenda\AppData\Roaming\CYHPK.exe
C:\Users\Brenda\AppData\Roaming\OQERG.exe
C:\Program Files (x86)\HQuality-v3V05.10\22eb117c-b529-406e-8f0f-d191202cd9b1.exe
C:\Program Files (x86)\HQuality-v3V05.10\4e250024-6600-404c-ba9b-838317176ea2-6.exe
C:\Program Files (x86)\LPT\srptsl.exe
C:\Program Files (x86)\LPT\srpts.exe
C:\Users\Brenda\AppData\Local\LPT\srptm.exe
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Users\Brenda\AppData\Local\Smartbar\Application\Lrcnta.exe
C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
C:\Users\Brenda\AppData\Local\Smartbar\Application\srut.dll
C:\Users\Brenda\AppData\Local\LPT\srut.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\srsbs.dll
C:\Users\Brenda\AppData\Local\LPT\srptm.exe
C:\Users\Brenda\AppData\Local\LPT\srpt.dll
C:\Users\Brenda\AppData\Local\LPT\srptc.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\srom.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\srpdm.dll
C:\Users\Brenda\AppData\Local\LPT\srpdm.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\srns.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\srbu.dll
C:\Users\Brenda\AppData\Local\LPT\srbu.dll
C:\Users\Brenda\AppData\Local\LPT\sreu.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\srau.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\sppsm.dll
C:\Users\Brenda\AppData\Local\LPT\sppsm.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\spbl.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\smtu.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\smti.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\smsp.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\smta.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
C:\Users\Brenda\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
C:\Users\Brenda\AppData\Local\LPT\Smartbar.Personalization.Common.dll
C:\Users\Brenda\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
C:\Users\Brenda\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\siem.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\sidc.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\sgmu.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\sgml.dll
C:\Users\Brenda\AppData\Local\LPT\Smartbar.Common.dll
C:\Users\Brenda\AppData\Local\LPT\ProxySettings.dll
C:\Users\Brenda\AppData\Local\LPT\Proxy.Lib.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\lrcnt.dll
C:\Users\Brenda\AppData\Local\Smartbar\Application\Lrcnta.exe

:Commands

[emptytemp]
[resethosts]
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.
  • Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the Report button and the report will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button follow the prompts.
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner
    Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply to me post:
    • OTL Fix log. That log will pop up in front of you, after you run the fix and the computer reboots
    • AdwCleaner log after running the clean option.
    • JRT.txt log
    • New OTL after quick scan is performed
Thanks
Joe :)
  • 0

#3
Brenda50
Posted 12 October 2014 - 02:12 PM

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe,

 

I'm having a tough time with this so please bear with me.  this is my 3rd attempt to send this post.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.2 (10.09.2014:1)
OS: Windows 8.1 x64
Ran by Brenda on Sun 10/12/2014 at 13:20:28.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.SkinLauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.SkinLauncher.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\PopularScreensavers_7i.SkinLauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\PopularScreensavers_7i.SkinLauncher.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MyFunCards_5m.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MyFunCards_5m.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\ShoppingChip
Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\Users\Brenda\AppData\Roaming\ask4expert"
Successfully deleted: [Folder] "C:\Users\Brenda\appdata\locallow\yahoocouponaddon"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask4expert"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\we-care reminder"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 10/12/2014 at 13:22:57.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

OTL logfile created on: 10/12/2014 1:31:03 PM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brenda\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17278)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.88 Gb Total Physical Memory | 2.68 Gb Available Physical Memory | 69.09% Memory free
6.01 Gb Paging File | 4.48 Gb Available in Paging File | 74.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.90 Gb Total Space | 337.52 Gb Free Space | 74.03% Space Free | Partition Type: NTFS
 
Computer Name: BRENDAPC | User Name: Brenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/04 19:37:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Downloads\OTL.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2012/11/28 11:05:52 | 004,047,208 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/11/26 00:19:48 | 000,492,904 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/06/02 00:47:48 | 000,143,888 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/03/26 17:35:16 | 000,449,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/14 08:44:18 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\462e6667cb4ef74abec9524d96c4d7d5\System.Xml.ni.dll
MOD - [2014/09/14 08:44:18 | 000,392,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\11074f4f817acf22f6b7e1ca2a634aae\System.Xml.Linq.ni.dll
MOD - [2014/09/14 08:44:11 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\dd08601ab40a3c0743ee8d7b4350debe\System.Xaml.ni.dll
MOD - [2014/09/14 08:44:09 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cc272fa4bc8ae7c468e3c75a57ae3c72\System.Windows.Forms.ni.dll
MOD - [2014/09/14 08:43:31 | 001,169,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\aa464a63150c9ca092f10c752091c73b\System.Management.ni.dll
MOD - [2014/09/14 08:43:30 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\9e99d85dfa5a3de8e34fe912acf82021\System.Drawing.ni.dll
MOD - [2014/09/14 08:43:19 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\04d455ea050b547ca661a16509fe4638\System.Configuration.ni.dll
MOD - [2014/09/14 08:43:18 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\165bbf987a17d5254aeb43e769ab02f7\PresentationFramework.Aero2.ni.dll
MOD - [2014/09/14 08:43:16 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\201ff175176fa9f3f7930492d6f8e140\PresentationFramework.ni.dll
MOD - [2014/09/14 08:43:00 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\137698b247bb9989ebaf0a9c9528f17a\PresentationCore.ni.dll
MOD - [2014/09/14 08:42:50 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\358c6ca55986bf6ef35d4de5806f3f99\WindowsBase.ni.dll
MOD - [2014/09/13 17:32:20 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\5e8ea4bc2ddce0edd65f5c68b7241c06\System.Core.ni.dll
MOD - [2014/09/13 17:31:24 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3028925cf331e81d2b55093a3f131bd5\System.ni.dll
MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 12:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/03/18 06:13:46 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2012/06/08 15:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/10 21:11:53 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2014/09/12 10:53:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/13 02:14:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/08/13 02:14:39 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/08/13 02:02:49 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/08/13 02:02:49 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/13 02:01:58 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/08/13 02:01:58 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/07/24 03:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/05/21 00:33:44 | 000,314,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/03/18 06:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 06:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 06:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 06:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 06:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 06:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 06:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 06:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/08/31 19:24:58 | 000,201,360 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/08/13 02:01:58 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/05/21 00:33:48 | 000,278,344 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/12/28 14:41:58 | 000,226,944 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/06/19 18:33:06 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/14 20:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/08/13 02:14:40 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/08/13 02:14:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/08/13 02:14:39 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/08/13 02:03:14 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/08/13 02:02:49 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/08/13 02:02:49 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/08/13 02:02:49 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/07/24 11:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 11:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 07:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/21 00:33:36 | 003,791,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/05/06 18:39:17 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/05/06 18:39:17 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014/03/18 06:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 06:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 06:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 06:13:01 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/03/18 06:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 06:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 06:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 06:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 06:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 06:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 06:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 05:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 05:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/12/28 14:19:48 | 000,578,792 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/12/28 14:19:40 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/12/28 14:19:36 | 000,115,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/12/28 14:19:36 | 000,089,320 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/12/28 14:19:36 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/12/28 14:19:34 | 000,345,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/12/16 20:21:30 | 003,735,040 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/10/27 02:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/20 20:39:12 | 000,454,968 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/09/20 20:39:10 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/09/20 20:39:10 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/05 02:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/02 19:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 14:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 12:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 04:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@popularscreensavers.com/Plugin: C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ConsumerInput@Compete: C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
 
[2014/01/21 11:10:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brenda\AppData\Roaming\mozilla\Extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\BETTERSURF\BETTERSURFPLUS\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIABUZZV1\MEDIABUZZV1MODE3344\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAPLAYERV1\MEDIAPLAYERV1ALPHA485\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWERV1\MEDIAVIEWERV1ALPHA221\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA1935\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA9027\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAWATCHV1\MEDIAWATCHV1HOME831\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\RICHMEDIAVIEWV1\RICHMEDIAVIEWV1RELEASE7142\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\TRUSTMEDIAVIEWERV1\TRUSTMEDIAVIEWERV1ALPHA2867\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA1213\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA42\FF
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [DellWPF] C:\Program Files\Synaptics\SynTP\DellTouchpad.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: genieo.com ([search] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A208A2D-31F3-4054-A7C3-77DEA77EDF72}: DhcpNameServer = 10.100.25.50 10.10.1.56 10.10.1.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5469380C-05E5-474B-B8CB-FA6ABBE08F6F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/12 13:20:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/10/12 13:14:59 | 000,000,000 | R--D | C] -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/10/12 13:02:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/10/12 11:34:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/10/12 01:09:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\MFAData
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Avg2015
[2014/10/12 01:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/10/11 19:31:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/10/11 14:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Config
[2014/10/10 13:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Setup Support for Consumer Input
[2014/10/10 13:18:44 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Compete
[2014/09/30 18:01:28 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/30 18:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/09/16 21:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/09/16 21:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/12 13:18:56 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/12 13:18:56 | 000,732,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/12 13:18:56 | 000,136,262 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/12 13:17:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job
[2014/10/12 13:15:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/12 13:15:19 | 000,002,487 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/12 13:15:17 | 000,002,485 | ---- | M] () -- C:\Users\Brenda\Desktop\Google Chrome.lnk
[2014/10/12 13:13:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/12 13:13:32 | 3336,376,320 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/12 13:11:40 | 000,001,084 | ---- | M] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/10/09 07:17:01 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job
[2014/09/30 18:01:27 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/30 17:47:04 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/30 14:04:32 | 000,492,000 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/09/18 12:09:39 | 000,139,488 | ---- | M] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/16 21:58:39 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/30 18:01:27 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/18 12:09:39 | 000,139,488 | ---- | C] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/18 00:08:49 | 000,001,114 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/09/18 00:08:49 | 000,001,084 | ---- | C] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/09/17 10:13:46 | 000,387,391 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/09/16 21:58:39 | 000,001,797 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/01 04:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\CYHPK
[2014/09/01 04:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\OQERG
[2014/08/22 22:52:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/21 00:33:38 | 000,348,088 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/05/21 00:33:32 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/05/21 00:33:32 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/03/18 06:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 06:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/21 09:51:26 | 000,000,081 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\WB.CFG
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/04/12 21:28:33 | 000,000,017 | ---- | C] () -- C:\Users\Brenda\AppData\Local\resmon.resmoncfg
[2013/01/26 21:36:27 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/01/26 20:06:17 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2013/01/26 20:06:09 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
 
========== ZeroAccess Check ==========
 
[2014/08/24 12:19:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/07/24 11:20:40 | 021,266,336 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/07/24 09:46:53 | 018,760,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/06/26 12:52:54 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\.mono
[2013/09/21 21:14:47 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\1O1L1I1PtF1F1C1N
[2013/09/28 19:48:26 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\canon
[2014/10/10 13:18:44 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Compete
[2013/11/01 17:45:45 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Garmin
[2013/02/18 19:40:05 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Leadertech
[2013/06/26 13:34:52 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Marine Aquarium Lite
[2014/07/17 10:21:43 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\PCDr
[2014/08/31 00:09:50 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\QuickScan
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Brenda\OneDrive:ms-properties
 
< End of report >
 
 
 

OTL logfile created on: 10/12/2014 11:43:56 AM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brenda\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17278)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.88 Gb Total Physical Memory | 2.79 Gb Available Physical Memory | 71.77% Memory free
6.01 Gb Paging File | 4.58 Gb Available in Paging File | 76.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.90 Gb Total Space | 337.60 Gb Free Space | 74.05% Space Free | Partition Type: NTFS
 
Computer Name: BRENDAPC | User Name: Brenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/04 19:37:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Downloads\OTL.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/06/02 00:47:48 | 000,143,888 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/03/26 17:35:16 | 000,449,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 12:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/06/08 15:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/10 21:11:53 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2014/09/12 10:53:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/13 02:14:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/08/13 02:14:39 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/08/13 02:02:49 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/08/13 02:02:49 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/13 02:01:58 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/08/13 02:01:58 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/07/24 03:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/05/21 00:33:44 | 000,314,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/03/18 06:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 06:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 06:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 06:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 06:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 06:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 06:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 06:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/08/31 19:24:58 | 000,201,360 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/10/12 01:05:16 | 000,492,496 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/ORBTR/orbiter.dll -- (Orbiter)
SRV - [2014/08/13 02:01:58 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/05/21 00:33:48 | 000,278,344 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/12/28 14:41:58 | 000,226,944 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/06/19 18:33:06 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/14 20:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/08/13 02:14:40 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/08/13 02:14:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/08/13 02:14:39 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/08/13 02:03:14 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/08/13 02:02:49 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/08/13 02:02:49 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/08/13 02:02:49 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/04 11:40:48 | 000,061,528 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}w64.sys -- ({6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}w64)
DRV:64bit: - [2014/08/04 11:40:48 | 000,061,528 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw64.sys -- ({6eaeb8af-e4d9-4df5-b9d7-815f2928cdf7}Gw64)
DRV:64bit: - [2014/07/24 11:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 11:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 07:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/21 00:33:36 | 003,791,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/05/06 18:39:17 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/05/06 18:39:17 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014/03/18 06:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 06:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 06:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 06:13:01 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/03/18 06:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 06:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 06:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 06:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 06:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 06:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 06:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 05:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 05:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/12/28 14:19:48 | 000,578,792 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/12/28 14:19:40 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/12/28 14:19:36 | 000,115,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/12/28 14:19:36 | 000,089,320 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/12/28 14:19:36 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/12/28 14:19:34 | 000,345,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/12/16 20:21:30 | 003,735,040 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/10/27 02:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/20 20:39:12 | 000,454,968 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/09/20 20:39:10 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/09/20 20:39:10 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/05 02:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/02 19:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 14:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 12:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 04:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...SE4NTPBGC_sp_ie
IE - HKCU\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@popularscreensavers.com/Plugin: C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll (popularscreensavers.com)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ConsumerInput@Compete: C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
 
[2014/01/21 11:10:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brenda\AppData\Roaming\mozilla\Extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\BETTERSURF\BETTERSURFPLUS\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIABUZZV1\MEDIABUZZV1MODE3344\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAPLAYERV1\MEDIAPLAYERV1ALPHA485\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWERV1\MEDIAVIEWERV1ALPHA221\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA1935\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA9027\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAWATCHV1\MEDIAWATCHV1HOME831\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\RICHMEDIAVIEWV1\RICHMEDIAVIEWV1RELEASE7142\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\TRUSTMEDIAVIEWERV1\TRUSTMEDIAVIEWERV1ALPHA2867\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA1213\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA42\FF
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll File not found
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn6\yt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [DellWPF] C:\Program Files\Synaptics\SynTP\DellTouchpad.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Brenda\AppData\Local\Smartbar\Application\Smartbar.exe startup File not found
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: genieo.com ([search] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A208A2D-31F3-4054-A7C3-77DEA77EDF72}: DhcpNameServer = 10.100.25.50 10.10.1.56 10.10.1.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5469380C-05E5-474B-B8CB-FA6ABBE08F6F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc64loader.dll) - c:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Client Connect LTD)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/12 11:39:26 | 000,000,000 | R--D | C] -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/10/12 11:34:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/10/12 01:09:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\MFAData
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Avg2015
[2014/10/12 01:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/10/12 01:05:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/10/12 01:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ORBTR
[2014/10/11 19:31:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/10/11 14:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Config
[2014/10/10 13:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Setup Support for Consumer Input
[2014/10/10 13:18:44 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Compete
[2014/10/10 13:16:13 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\globalUpdate
[2014/10/10 13:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/09/30 18:01:28 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/30 18:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/09/16 21:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/09/16 21:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/12 11:43:50 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/12 11:43:50 | 000,732,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/12 11:43:50 | 000,136,262 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/12 11:40:15 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/12 11:39:59 | 000,002,487 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/12 11:39:57 | 000,002,485 | ---- | M] () -- C:\Users\Brenda\Desktop\Google Chrome.lnk
[2014/10/12 11:38:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/12 11:38:08 | 3336,376,320 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/12 11:17:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job
[2014/10/09 07:17:01 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job
[2014/10/08 04:39:44 | 000,110,592 | ---- | M] () -- C:\WINDOWS\SysWow64\installd.exe
[2014/09/30 18:01:27 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/30 17:47:04 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/30 14:04:32 | 000,492,000 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/09/18 12:09:39 | 000,139,488 | ---- | M] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/18 00:08:49 | 000,002,413 | ---- | M] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/09/16 21:58:39 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/10/08 04:39:44 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysWow64\installd.exe
[2014/09/30 18:01:27 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/18 12:09:39 | 000,139,488 | ---- | C] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/18 00:08:49 | 000,002,511 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/09/18 00:08:49 | 000,002,413 | ---- | C] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/09/17 10:13:46 | 000,387,391 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/09/16 21:58:39 | 000,001,797 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/01 04:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\CYHPK
[2014/09/01 04:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\OQERG
[2014/08/22 22:52:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/21 00:33:38 | 000,348,088 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/05/21 00:33:32 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/05/21 00:33:32 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/03/18 06:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 06:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/21 09:51:26 | 000,000,081 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\WB.CFG
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/04/12 21:28:33 | 000,000,017 | ---- | C] () -- C:\Users\Brenda\AppData\Local\resmon.resmoncfg
[2013/01/26 21:36:27 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/01/26 20:06:17 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2013/01/26 20:06:09 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
 
========== ZeroAccess Check ==========
 
[2014/08/24 12:19:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/07/24 11:20:40 | 021,266,336 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/07/24 09:46:53 | 018,760,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/06/26 12:52:54 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\.mono
[2013/09/21 21:14:47 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\1O1L1I1PtF1F1C1N
[2014/09/04 21:25:52 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Ask4Expert
[2013/09/28 19:48:26 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\canon
[2014/10/10 13:18:44 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Compete
[2014/01/21 11:10:12 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\FileAssociationManager
[2013/11/01 17:45:45 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Garmin
[2013/02/18 19:40:05 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Leadertech
[2013/06/26 13:34:52 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Marine Aquarium Lite
[2014/07/17 10:21:43 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\PCDr
[2014/08/31 00:09:50 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\QuickScan
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Brenda\OneDrive:ms-properties
 
< End of report >
 
 

OTL logfile created on: 10/12/2014 1:31:03 PM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brenda\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17278)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.88 Gb Total Physical Memory | 2.68 Gb Available Physical Memory | 69.09% Memory free
6.01 Gb Paging File | 4.48 Gb Available in Paging File | 74.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.90 Gb Total Space | 337.52 Gb Free Space | 74.03% Space Free | Partition Type: NTFS
 
Computer Name: BRENDAPC | User Name: Brenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/04 19:37:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brenda\Downloads\OTL.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2012/11/28 11:05:52 | 004,047,208 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
PRC - [2012/11/26 00:19:48 | 000,492,904 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
PRC - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
PRC - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/06/07 23:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/06/02 00:47:48 | 000,143,888 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/03/26 17:35:16 | 000,449,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/14 08:44:18 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\462e6667cb4ef74abec9524d96c4d7d5\System.Xml.ni.dll
MOD - [2014/09/14 08:44:18 | 000,392,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\11074f4f817acf22f6b7e1ca2a634aae\System.Xml.Linq.ni.dll
MOD - [2014/09/14 08:44:11 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\dd08601ab40a3c0743ee8d7b4350debe\System.Xaml.ni.dll
MOD - [2014/09/14 08:44:09 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cc272fa4bc8ae7c468e3c75a57ae3c72\System.Windows.Forms.ni.dll
MOD - [2014/09/14 08:43:31 | 001,169,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\aa464a63150c9ca092f10c752091c73b\System.Management.ni.dll
MOD - [2014/09/14 08:43:30 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\9e99d85dfa5a3de8e34fe912acf82021\System.Drawing.ni.dll
MOD - [2014/09/14 08:43:19 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\04d455ea050b547ca661a16509fe4638\System.Configuration.ni.dll
MOD - [2014/09/14 08:43:18 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\165bbf987a17d5254aeb43e769ab02f7\PresentationFramework.Aero2.ni.dll
MOD - [2014/09/14 08:43:16 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\201ff175176fa9f3f7930492d6f8e140\PresentationFramework.ni.dll
MOD - [2014/09/14 08:43:00 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\137698b247bb9989ebaf0a9c9528f17a\PresentationCore.ni.dll
MOD - [2014/09/14 08:42:50 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\358c6ca55986bf6ef35d4de5806f3f99\WindowsBase.ni.dll
MOD - [2014/09/13 17:32:20 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\5e8ea4bc2ddce0edd65f5c68b7241c06\System.Core.ni.dll
MOD - [2014/09/13 17:31:24 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3028925cf331e81d2b55093a3f131bd5\System.ni.dll
MOD - [2014/07/31 12:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 12:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/03/18 06:13:46 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2012/06/08 15:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/07 23:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/10 21:11:53 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2014/09/12 10:53:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/13 02:14:40 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/08/13 02:14:39 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/08/13 02:02:49 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/08/13 02:02:49 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/13 02:01:58 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/08/13 02:01:58 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/07/24 03:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/05/21 00:33:44 | 000,314,696 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
SRV:64bit: - [2014/03/18 06:13:26 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 06:13:25 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 06:13:20 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 06:13:18 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 06:13:18 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 06:13:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 06:13:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 06:13:13 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/08/31 19:24:58 | 000,201,360 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/08/13 02:01:58 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/07/24 09:41:39 | 002,898,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/05/21 00:33:48 | 000,278,344 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/09/19 08:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/12/28 14:41:58 | 000,226,944 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/12/26 02:41:44 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/11/26 00:18:54 | 001,914,728 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe -- (SftService)
SRV - [2012/07/17 21:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 21:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 21:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 17:47:14 | 000,007,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/06/19 18:33:06 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/14 20:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/08/13 02:14:40 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/08/13 02:14:40 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/08/13 02:14:39 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/08/13 02:03:14 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/08/13 02:02:49 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/08/13 02:02:49 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/08/13 02:02:49 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/07/24 11:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 11:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 07:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/21 00:33:36 | 003,791,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/05/12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/05/06 18:39:17 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/05/06 18:39:17 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2014/03/18 06:13:19 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 06:13:15 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 06:13:02 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 06:13:01 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 06:13:01 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2014/03/18 06:13:01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 06:13:01 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 06:13:01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 06:13:01 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 06:13:00 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 06:13:00 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 06:13:00 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 05:45:47 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 05:45:41 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/12/28 14:19:48 | 000,578,792 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/12/28 14:19:40 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/12/28 14:19:38 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/12/28 14:19:36 | 000,115,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/12/28 14:19:36 | 000,089,320 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/12/28 14:19:36 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/12/28 14:19:34 | 000,345,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/12/16 20:21:30 | 003,735,040 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/10/27 02:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/20 20:39:12 | 000,454,968 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/09/20 20:39:10 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012/09/20 20:39:10 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/05 02:22:10 | 000,010,752 | ---- | M] (OSR Open Systems Resources, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DellRbtn.sys -- (DellRbtn)
DRV:64bit: - [2012/07/02 19:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 14:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 12:40:50 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 04:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8241E8F1-A9EE-4F50-8FF2-97657CCCABB8}: "URL" = http://www.bing.com/...E10TR&pc=MDDCJS
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@popularscreensavers.com/Plugin: C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ConsumerInput@Compete: C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
 
[2014/01/21 11:10:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brenda\AppData\Roaming\mozilla\Extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\BETTERSURF\BETTERSURFPLUS\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIABUZZV1\MEDIABUZZV1MODE3344\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAPLAYERV1\MEDIAPLAYERV1ALPHA485\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWERV1\MEDIAVIEWERV1ALPHA221\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA1935\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAVIEWV1\MEDIAVIEWV1ALPHA9027\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\MEDIAWATCHV1\MEDIAWATCHV1HOME831\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\RICHMEDIAVIEWV1\RICHMEDIAVIEWV1RELEASE7142\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\TRUSTMEDIAVIEWERV1\TRUSTMEDIAVIEWERV1ALPHA2867\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA1213\FF
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA42\FF
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.117_0\
CHR - Extension: Yahoo Extension = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.450_0\
CHR - Extension: Google Wallet = C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [BtPreLoad] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe ()
O4:64bit: - HKLM..\Run: [DellWPF] C:\Program Files\Synaptics\SynTP\DellTouchpad.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: genieo.com ([search] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A208A2D-31F3-4054-A7C3-77DEA77EDF72}: DhcpNameServer = 10.100.25.50 10.10.1.56 10.10.1.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5469380C-05E5-474B-B8CB-FA6ABBE08F6F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/12 13:20:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/10/12 13:14:59 | 000,000,000 | R--D | C] -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/10/12 13:02:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/10/12 11:34:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/10/12 01:09:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\MFAData
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/10/12 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Local\Avg2015
[2014/10/12 01:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/10/11 19:31:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/10/11 14:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Config
[2014/10/10 13:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Setup Support for Consumer Input
[2014/10/10 13:18:44 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\Compete
[2014/09/30 18:01:28 | 000,000,000 | ---D | C] -- C:\Users\Brenda\AppData\Roaming\SUPERAntiSpyware.com
[2014/09/30 18:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/09/16 21:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/09/16 21:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/09/16 21:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/12 13:18:56 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/10/12 13:18:56 | 000,732,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/10/12 13:18:56 | 000,136,262 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/10/12 13:17:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job
[2014/10/12 13:15:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/12 13:15:19 | 000,002,487 | ---- | M] () -- C:\Users\Brenda\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/10/12 13:15:17 | 000,002,485 | ---- | M] () -- C:\Users\Brenda\Desktop\Google Chrome.lnk
[2014/10/12 13:13:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/12 13:13:32 | 3336,376,320 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/12 13:11:40 | 000,001,084 | ---- | M] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/10/09 07:17:01 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job
[2014/09/30 18:01:27 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/30 17:47:04 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/30 14:04:32 | 000,492,000 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/09/18 12:09:39 | 000,139,488 | ---- | M] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/16 21:58:39 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/30 18:01:27 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2014/09/18 12:09:39 | 000,139,488 | ---- | C] () -- C:\WINDOWS\SysWow64\XMLOperations.xml
[2014/09/18 00:08:49 | 000,001,114 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/09/18 00:08:49 | 000,001,084 | ---- | C] () -- C:\Users\Brenda\Desktop\Search.lnk
[2014/09/17 10:13:46 | 000,387,391 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/09/16 21:58:39 | 000,001,797 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/01 04:18:44 | 000,002,086 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\CYHPK
[2014/09/01 04:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\OQERG
[2014/08/22 22:52:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/05/21 00:33:38 | 000,348,088 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/05/21 00:33:32 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/05/21 00:33:32 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/03/18 06:13:28 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 06:13:03 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/21 09:51:26 | 000,000,081 | ---- | C] () -- C:\Users\Brenda\AppData\Roaming\WB.CFG
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/04/12 21:28:33 | 000,000,017 | ---- | C] () -- C:\Users\Brenda\AppData\Local\resmon.resmoncfg
[2013/01/26 21:36:27 | 000,880,342 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/01/26 20:06:17 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2013/01/26 20:06:09 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
 
========== ZeroAccess Check ==========
 
[2014/08/24 12:19:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/07/24 11:20:40 | 021,266,336 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/07/24 09:46:53 | 018,760,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/06/26 12:52:54 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\.mono
[2013/09/21 21:14:47 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\1O1L1I1PtF1F1C1N
[2013/09/28 19:48:26 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\canon
[2014/10/10 13:18:44 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Compete
[2013/11/01 17:45:45 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Garmin
[2013/02/18 19:40:05 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Leadertech
[2013/06/26 13:34:52 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\Marine Aquarium Lite
[2014/07/17 10:21:43 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\PCDr
[2014/08/31 00:09:50 | 000,000,000 | ---D | M] -- C:\Users\Brenda\AppData\Roaming\QuickScan
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\Brenda\OneDrive:ms-properties
 
< End of report >
 
 
# AdwCleaner v4.000 - Report created 12/10/2014 at 16:20:20
# DB v2014-10-12.3
# Updated 12/10/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Brenda - BRENDAPC
# Running from : C:\Users\Brenda\Downloads\adwcleaner_4.000.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : Update Klip Pal
[#] Service Deleted : Util Klip Pal
Service Deleted : {be5bf058-a067-4076-8c2e-22b9345a0260}Gw64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Klip Pal
Folder Deleted : C:\Users\Brenda\AppData\Local\Temp\Klip Pal
File Deleted : C:\WINDOWS\System32\\drivers\{be5bf058-a067-4076-8c2e-22b9345a0260}Gw64.sys
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Klip Pal
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Klip Pal
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{26118726-ae46-4b8d-81c0-75dc986a7c1a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a13d85a3-d31a-4f34-b4cd-fce576dc079e}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Klip Pal
Key Deleted : HKLM\SOFTWARE\Klip Pal
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Klip Pal
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17278
 
 
-\\ Google Chrome v
 
 
*************************
 
AdwCleaner[R0].txt - [15153 octets] - [12/10/2014 13:02:35]
AdwCleaner[R1].txt - [1397 octets] - [12/10/2014 15:27:28]
AdwCleaner[R2].txt - [3404 octets] - [12/10/2014 16:18:31]
AdwCleaner[S0].txt - [14506 octets] - [12/10/2014 13:11:24]
AdwCleaner[S1].txt - [1312 octets] - [12/10/2014 15:46:22]
AdwCleaner[S2].txt - [2919 octets] - [12/10/2014 16:20:20]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2979 octets] ##########
 
I hope you can make sense of this stuff. Hopefully it is what you wanted. 
Thanks again for your help and patience.
 
Brenda
 

Edited by Brenda50, 12 October 2014 - 02:27 PM.

  • 0

#4
zep516
Posted 12 October 2014 - 02:26 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Not to worry, take your time I gave you a lot to do.
  • 0

#5
zep516
Posted 12 October 2014 - 02:35 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
This is great thank you.

You have Malwarebytes installed please run it for me and post a log report, I'll be back a bit later.

Joe
  • 0

#6
Brenda50
Posted 13 October 2014 - 05:12 PM

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe

 

Sorry I took so long to get back but life happens. Here is the scan from Malwarebytes.  The PC seems fine now.  Just need to find reliable protection.

 

<?xml version="1.0" encoding="UTF-8" ?>
<mbam-log>
<header>
<date>2014/10/13 18:53:02 -0400</date>
<logfile>mbam-log-2014-10-13 (18-53-02).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>0.00.0.0000</version>
<malware-database>v0000.00.00.00</malware-database>
<rootkit-database>v0000.00.00.00</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>Brenda</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>1622</objects>

 

Thanks again for your time and patience

Brenda


  • 0

#7
zep516
Posted 13 October 2014 - 05:36 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
You're are welcome, we have a little bit to do yet so stay tuned.

Protect your PC with Microsoft security-essentials, see link below for download.

http://windows.micro...ntials-download


Then I'd like to see another 2 scans from you.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Install the Anti virus first, then run the scan above and post to me:
  • FRST.txt
  • Addition.txt
Thanks
Joe :)
  • 0

#8
Brenda50
Posted 13 October 2014 - 06:35 PM

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe,

 

I know you didn't ask but I thought I would run Superantivirus since I have that program installed also. Here is the log from that. I hope it helps.

 

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/13/2014 at 08:22 PM

Application Version : 6.0.1158
Database Version : 11532

Scan type       : Complete Scan
Total Scan Time : 01:06:57

Operating System Information
Windows 8.1 64-bit (Build 6.03.9200)
UAC On - Limited User

Memory items scanned      : 707
Memory threats detected   : 0
Registry items scanned    : 61041
Registry threats detected : 3
File items scanned        : 31903
File threats detected     : 78

Adware.Tracking Cookie
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\463P3W60.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\463P3W60.txt [ /doubleclick.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\6CVFO74S.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\6CVFO74S.txt [ /11163968-7006.id2.clickprotects.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\E30OEUVO.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\E30OEUVO.txt [ /tribalfusion.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\O1ELU84Y.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\O1ELU84Y.txt [ /ru4.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\H9RM2FIG.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\H9RM2FIG.txt [ /ad.mlnadvertising.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\LUQHCN2D.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\LUQHCN2D.txt [ /questionmarket.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\LGAS2EPU.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\LGAS2EPU.txt [ /ads.yahoo.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\V2PW05GS.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\V2PW05GS.txt [ /revsci.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\2805KPSY.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\2805KPSY.txt [ /ads.pointroll.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\T1OCR0DI.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\T1OCR0DI.txt [ /casalemedia.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\BMSI0AZL.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\BMSI0AZL.txt [ /c1.adform.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\N2LM3AEX.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\N2LM3AEX.txt [ /serving-sys.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\7PC19HG5.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\7PC19HG5.txt [ /adform.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\H9QTRMOY.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\H9QTRMOY.txt [ /fastclick.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\6A2P2ZKP.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\6A2P2ZKP.txt [ /smartadserver.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\AH9DCFQW.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\AH9DCFQW.txt [ /clickprotects.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\V24WTXYB.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\V24WTXYB.txt [ /ads.stickyadstv.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\06U0P7ML.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\06U0P7ML.txt [ /advertising.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\C8HU57O3.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\C8HU57O3.txt [ /eyeviewads.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\3FGQWI9B.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\3FGQWI9B.txt [ /c2.clickprotects.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\MSAJM1UG.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\MSAJM1UG.txt [ /imrworldwide.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\OH96QWB5.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\OH96QWB5.txt [ /wttracking.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\2ZBDC6GU.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\2ZBDC6GU.txt [ /ads.adsfirefly.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\9EB0EFX0.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\9EB0EFX0.txt [ /pro-market.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\NHDLP1CY.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\NHDLP1CY.txt [ /ads.creative-serving.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\KE6HYRRN.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\KE6HYRRN.txt [ /doubleclick.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\GSTQ6MPV.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\GSTQ6MPV.txt [ /at.atwola.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\WY5V9IV0.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\WY5V9IV0.txt [ /ar.atwola.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\ZSBOLS0H.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\ZSBOLS0H.txt [ /ru4.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\V7WN872F.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\V7WN872F.txt [ /www.googleadservices.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\G095WKKJ.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\G095WKKJ.txt [ /questionmarket.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\OKHZVQK4.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\OKHZVQK4.txt [ /ads.yahoo.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\U7OFCU5Q.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\U7OFCU5Q.txt [ /revsci.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\0VLP01NY.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\0VLP01NY.txt [ /bs.serving-sys.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\2GV764F8.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\2GV764F8.txt [ /tacoda.at.atwola.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\1FYBKN7C.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\1FYBKN7C.txt [ /casalemedia.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\58Z4HR3S.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\58Z4HR3S.txt [ /serving-sys.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\JTGRWJAX.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\JTGRWJAX.txt [ /atdmt.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\8TPV9JRB.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\8TPV9JRB.txt [ /advertising.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\2P1JGW6F.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\2P1JGW6F.txt [ /atwola.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\SSXOSIDU.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\SSXOSIDU.txt [ /imrworldwide.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\G8Q4I8PX.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\G8Q4I8PX.txt [ /adtechus.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\3JQ1D54O.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\3JQ1D54O.txt [ /pro-market.net ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\VTICF4VR.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\VTICF4VR.txt [ /ads.creative-serving.com ]
 C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\DFGYAIOA.txtC:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCookies\Low\DFGYAIOA.txt [ /tracker.databrain.com ]
 .doubleclick.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 search.safefinder.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .doubleclick.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .basebanner.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .imrworldwide.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.googleadservices.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atdmt.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atdmt.com [ C:\USERS\BRENDA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

PUP.ConsumerInput
 (x86) HKLM\SOFTWARE\ConsumerInput
 (x86) HKLM\SOFTWARE\ConsumerInput\Common
 (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Consumer Input Installer

============
 End of Log
============

 

Thanks again for your patience

Brenda




  • 0

#9
Brenda50
Posted 13 October 2014 - 07:08 PM

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe,

 

Here we go.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Brenda (administrator) on BRENDAPC on 13-10-2014 21:01:48
Running from C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCache\IE\YCJ2J57T
Loaded Profile: Brenda (Available profiles: Brenda)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Synaptics\SynTP\DellTouchpad.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6842000 2012-09-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5757328 2012-10-19] (Dell Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2918200 2012-09-20] (Synaptics Incorporated)
HKLM\...\Run: [DellWPF] => C:\Program Files\Synaptics\SynTP\DellTouchpad.exe [4875576 2012-09-20] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2564139484-152270176-2040777850-1001\...\Run: [Google Update] => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-10] (Google Inc.)
HKU\S-1-5-21-2564139484-152270176-2040777850-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2564139484-152270176-2040777850-1001\...\Run: [GoogleChromeAutoLaunch_F3F1F347082F96D0DBAEC2249C80F4F1] => C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)
HKU\S-1-5-21-2564139484-152270176-2040777850-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-10] (SUPERAntiSpyware)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {8241E8F1-A9EE-4F50-8FF2-97657CCCABB8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
SearchScopes: HKCU - {8241E8F1-A9EE-4F50-8FF2-97657CCCABB8} URL = http://www.bing.com/...E10TR&pc=MDDCJS
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Yahoo Extension) - C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2014-01-23]
CHR Extension: (Google Wallet) - C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-02]
CHR HKLM-x32\...\Chrome\Extension: [gdnhodjhmdahknapajgfmhlghadbnpik] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ch\WebexpEnhancedV1alpha42.crx []
CHR HKLM-x32\...\Chrome\Extension: [ianbobkeplelligeejgeljdfdgljcnjl] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ch\VideoPlayerV3beta1213.crx []
CHR HKLM-x32\...\Chrome\Extension: [iebkideapflccachklgbeinjhfeigamo] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ch\MediaBuzzV1mode3344.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpkodcagkabdilcecgmpjjlbajkjfajb] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ch\RichMediaViewV1release7142.crx []
CHR HKLM-x32\...\Chrome\Extension: [plhgnpoeaalmacnhdejkkleickcjfofa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ch\TrustMediaViewerV1alpha2867.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-10-10] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-13] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-13] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-13] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)
S2 Update Krab Web; "C:\Program Files (x86)\Krab Web\updateKrabWeb.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-20] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-20] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 21:01 - 2014-10-13 21:01 - 00000000 ____D () C:\FRST
2014-10-13 19:03 - 2014-10-13 19:03 - 00001232 _____ () C:\Users\Brenda\Documents\malware.xml
2014-10-13 18:58 - 2014-10-13 18:58 - 00001046 _____ () C:\malware.txt
2014-10-13 18:53 - 2014-10-13 18:53 - 00000000 ___RD () C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-12 15:16 - 2014-10-12 15:16 - 01976320 _____ () C:\Users\Brenda\Downloads\adwcleaner_4.000 (1).exe
2014-10-12 15:15 - 2014-10-12 15:15 - 01976320 _____ () C:\Users\Brenda\Downloads\adwcleaner_4.000.exe
2014-10-12 14:36 - 2014-10-12 14:36 - 00119284 _____ () C:\Users\Brenda\Downloads\OTL3.Txt
2014-10-12 13:22 - 2014-10-12 13:22 - 00001940 _____ () C:\Users\Brenda\Desktop\JRT.txt
2014-10-12 13:20 - 2014-10-12 13:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-12 13:18 - 2014-10-12 13:18 - 01705755 _____ (Thisisu) C:\Users\Brenda\Downloads\JRT.exe
2014-10-12 13:02 - 2014-10-12 16:20 - 00000000 ____D () C:\AdwCleaner
2014-10-12 13:01 - 2014-10-12 13:01 - 01976320 _____ () C:\Users\Brenda\Downloads\AdwCleaner.exe
2014-10-12 12:39 - 2014-10-12 12:39 - 00117814 _____ () C:\Users\Brenda\Downloads\OTL2.Txt
2014-10-12 11:34 - 2014-10-12 11:34 - 00000000 ____D () C:\_OTL
2014-10-12 01:09 - 2014-10-12 01:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-12 01:06 - 2014-10-12 01:22 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-12 01:06 - 2014-10-12 01:06 - 00000000 ____D () C:\Users\Brenda\AppData\Local\MFAData
2014-10-12 01:06 - 2014-10-12 01:06 - 00000000 ____D () C:\Users\Brenda\AppData\Local\Avg2015
2014-10-12 01:05 - 2014-10-12 01:05 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-12 00:58 - 2014-10-12 00:58 - 04579176 _____ (AVG Technologies) C:\Users\Brenda\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-10-12 00:55 - 2014-10-12 00:55 - 00055664 _____ (Premium Installer ) C:\Users\Brenda\Downloads\Ad-Aware.exe
2014-10-11 19:31 - 2014-10-11 19:31 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-11 18:24 - 2014-10-11 18:24 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brenda\Downloads\tdsskiller.exe
2014-10-10 13:18 - 2014-10-10 13:18 - 00003858 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2014-10-10 13:18 - 2014-10-10 13:18 - 00003622 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2014-10-10 13:18 - 2014-10-10 13:18 - 00003274 _____ () C:\WINDOWS\System32\Tasks\CIMT_S-1-5-21-2564139484-152270176-2040777850-1001
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Users\Brenda\AppData\Roaming\Compete
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
2014-10-10 13:17 - 2014-10-10 13:17 - 00004368 _____ () C:\WINDOWS\System32\Tasks\CYHPK
2014-10-10 13:16 - 2014-10-10 13:16 - 00004364 _____ () C:\WINDOWS\System32\Tasks\OQERG
2014-10-06 22:31 - 2014-10-06 22:31 - 01173968 _____ (ArcadeYum) C:\Users\Brenda\Downloads\ArcadeYumGames.exe
2014-09-30 18:01 - 2014-09-30 18:01 - 00001822 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-09-30 18:01 - 2014-09-30 18:01 - 00000000 ____D () C:\Users\Brenda\AppData\Roaming\SUPERAntiSpyware.com
2014-09-30 18:01 - 2014-09-30 18:01 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-18 12:09 - 2014-09-18 12:09 - 00139488 _____ () C:\WINDOWS\SysWOW64\XMLOperations.xml
2014-09-18 00:08 - 2014-10-12 13:11 - 00001114 _____ () C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-18 00:08 - 2014-10-12 13:11 - 00001084 _____ () C:\Users\Brenda\Desktop\Search.lnk
2014-09-17 10:23 - 2014-08-23 03:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-17 10:23 - 2014-08-23 03:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-17 10:23 - 2014-08-23 00:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-17 10:23 - 2014-08-23 00:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-17 10:22 - 2014-08-23 02:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-17 10:22 - 2014-08-23 01:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-17 10:22 - 2014-08-23 00:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-17 10:22 - 2014-08-23 00:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-17 10:22 - 2014-08-23 00:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-17 10:22 - 2014-07-29 21:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-17 10:22 - 2014-07-29 01:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-17 10:19 - 2014-07-24 11:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-17 10:19 - 2014-07-24 09:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-17 10:19 - 2014-07-24 05:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-17 10:19 - 2014-07-24 05:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-17 10:19 - 2014-07-24 03:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-17 10:19 - 2014-07-24 03:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-17 10:19 - 2014-07-24 03:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-17 10:18 - 2014-07-24 11:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-17 10:18 - 2014-07-24 11:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-17 10:18 - 2014-07-24 11:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-17 10:18 - 2014-07-24 11:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-17 10:18 - 2014-07-24 11:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-17 10:18 - 2014-07-24 11:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-17 10:18 - 2014-07-24 10:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-17 10:18 - 2014-07-24 09:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-17 10:18 - 2014-07-24 09:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-17 10:18 - 2014-07-24 09:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-17 10:18 - 2014-07-24 09:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-17 10:18 - 2014-07-24 07:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-17 10:18 - 2014-07-24 07:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-17 10:18 - 2014-07-24 06:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-17 10:18 - 2014-07-24 04:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-17 10:18 - 2014-07-24 04:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-17 10:18 - 2014-07-24 04:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-17 10:18 - 2014-07-24 04:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-17 10:18 - 2014-07-24 04:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-17 10:18 - 2014-07-24 04:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-17 10:18 - 2014-07-24 04:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-17 10:18 - 2014-07-24 04:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-17 10:18 - 2014-07-24 03:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-17 10:18 - 2014-07-24 03:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-17 10:18 - 2014-07-24 03:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-17 10:18 - 2014-07-24 03:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-17 10:18 - 2014-07-24 03:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-17 10:18 - 2014-06-14 02:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-17 10:18 - 2014-06-14 01:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-17 10:17 - 2014-07-24 11:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-17 10:17 - 2014-07-24 11:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-17 10:17 - 2014-07-24 11:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-17 10:17 - 2014-07-24 11:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-17 10:17 - 2014-07-24 11:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-17 10:17 - 2014-07-24 11:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-17 10:17 - 2014-07-24 11:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-17 10:17 - 2014-07-24 11:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-17 10:17 - 2014-07-24 11:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-17 10:17 - 2014-07-24 10:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-17 10:17 - 2014-07-24 09:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-17 10:17 - 2014-07-24 09:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-17 10:17 - 2014-07-24 09:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-17 10:17 - 2014-07-24 07:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-17 10:17 - 2014-07-24 07:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-17 10:17 - 2014-07-24 07:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-17 10:17 - 2014-07-24 06:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-17 10:17 - 2014-07-24 05:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-17 10:17 - 2014-07-24 05:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-17 10:17 - 2014-07-24 05:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-17 10:17 - 2014-07-24 05:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-17 10:17 - 2014-07-24 04:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-17 10:17 - 2014-07-24 04:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-17 10:17 - 2014-07-24 04:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-17 10:17 - 2014-07-24 04:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-17 10:17 - 2014-07-24 04:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-17 10:17 - 2014-07-24 04:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-17 10:17 - 2014-07-24 04:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-17 10:17 - 2014-07-24 04:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-17 10:17 - 2014-07-24 04:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-17 10:17 - 2014-07-24 04:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-17 10:17 - 2014-07-24 04:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-17 10:17 - 2014-07-24 03:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-17 10:17 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-17 10:17 - 2014-07-24 00:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-17 10:17 - 2014-07-12 01:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-17 10:17 - 2014-07-12 00:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-17 10:17 - 2014-07-04 05:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-17 10:17 - 2014-07-04 05:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-17 10:17 - 2014-06-25 20:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-17 10:17 - 2014-06-18 22:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-17 10:17 - 2014-06-05 06:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-17 10:17 - 2014-06-05 05:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-17 10:17 - 2014-05-29 02:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-17 10:17 - 2014-05-06 00:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-17 10:17 - 2014-05-05 20:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-17 10:16 - 2014-07-24 11:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-17 10:16 - 2014-07-24 11:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-17 10:16 - 2014-07-24 11:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-17 10:16 - 2014-07-24 11:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-17 10:16 - 2014-07-24 11:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-17 10:16 - 2014-07-24 11:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-17 10:16 - 2014-07-24 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-17 10:16 - 2014-07-24 07:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-17 10:16 - 2014-07-24 07:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-17 10:16 - 2014-07-24 07:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-17 10:16 - 2014-07-24 07:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-17 10:16 - 2014-07-24 06:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-17 10:16 - 2014-07-24 06:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-17 10:16 - 2014-07-24 06:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-17 10:16 - 2014-07-24 06:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-17 10:16 - 2014-07-24 06:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-17 10:16 - 2014-07-24 05:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-17 10:16 - 2014-07-24 05:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-17 10:16 - 2014-07-24 05:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-17 10:16 - 2014-07-24 05:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-17 10:16 - 2014-07-24 05:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-17 10:16 - 2014-07-24 05:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-17 10:16 - 2014-07-24 05:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-17 10:16 - 2014-07-24 04:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-17 10:16 - 2014-07-24 04:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-17 10:16 - 2014-07-24 04:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-17 10:16 - 2014-07-24 04:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-17 10:16 - 2014-07-24 04:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-17 10:16 - 2014-07-24 04:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-17 10:16 - 2014-07-24 04:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-17 10:16 - 2014-07-24 04:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-17 10:16 - 2014-07-24 04:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-17 10:16 - 2014-07-24 04:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-17 10:16 - 2014-07-24 03:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-17 10:16 - 2014-07-24 03:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-17 10:16 - 2014-07-24 03:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-17 10:16 - 2014-07-24 03:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-17 10:16 - 2014-07-12 00:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-17 10:16 - 2014-07-04 06:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-17 10:16 - 2014-07-04 06:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-17 10:16 - 2014-06-27 02:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-17 10:16 - 2014-06-19 19:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-17 10:16 - 2014-06-05 10:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-17 10:16 - 2014-05-31 01:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-17 10:16 - 2014-05-29 01:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-17 10:16 - 2014-05-10 06:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-17 10:16 - 2014-05-10 04:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-17 10:16 - 2014-03-24 22:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-17 10:16 - 2014-03-24 22:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-17 10:16 - 2014-03-24 21:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-17 10:15 - 2014-07-24 11:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-17 10:15 - 2014-07-24 11:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-17 10:15 - 2014-07-24 11:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-17 10:15 - 2014-07-24 09:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-17 10:15 - 2014-07-24 09:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-17 10:15 - 2014-07-24 07:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-17 10:15 - 2014-07-24 07:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-17 10:15 - 2014-07-24 07:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-17 10:15 - 2014-07-24 06:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-17 10:15 - 2014-07-24 06:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-17 10:15 - 2014-07-24 06:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-17 10:15 - 2014-07-24 06:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-17 10:15 - 2014-07-24 05:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-17 10:15 - 2014-07-24 05:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-17 10:15 - 2014-07-24 05:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-17 10:15 - 2014-07-24 05:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-17 10:15 - 2014-07-24 05:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-17 10:15 - 2014-07-24 05:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-17 10:15 - 2014-07-24 05:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-17 10:15 - 2014-07-24 04:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-17 10:15 - 2014-07-24 04:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-17 10:15 - 2014-07-24 04:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-17 10:15 - 2014-07-24 04:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-17 10:15 - 2014-07-24 04:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-17 10:15 - 2014-07-24 04:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-17 10:15 - 2014-07-24 04:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-17 10:15 - 2014-07-24 04:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-17 10:15 - 2014-07-24 04:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-17 10:15 - 2014-07-24 03:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-17 10:15 - 2014-07-24 03:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-17 10:15 - 2014-07-24 03:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-17 10:15 - 2014-07-24 03:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-17 10:15 - 2014-07-24 03:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-17 10:15 - 2014-07-04 08:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-17 10:15 - 2014-07-04 06:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-17 10:15 - 2014-06-25 20:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-17 10:15 - 2014-06-07 08:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-17 10:15 - 2014-06-07 06:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-17 10:15 - 2014-05-31 00:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-17 10:15 - 2014-05-29 01:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-17 10:15 - 2014-05-26 03:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-17 10:15 - 2014-03-24 21:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-17 10:14 - 2014-07-24 07:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-17 10:14 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-17 10:14 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-17 10:14 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-17 10:14 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-17 10:14 - 2014-07-24 07:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-17 10:14 - 2014-07-24 07:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-17 10:14 - 2014-07-24 07:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-17 10:14 - 2014-07-24 07:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-17 10:14 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-17 10:14 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-17 10:14 - 2014-07-24 06:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-17 10:14 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-17 10:14 - 2014-07-24 06:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-17 10:14 - 2014-07-24 06:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-17 10:14 - 2014-07-24 06:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-17 10:14 - 2014-07-24 06:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-17 10:14 - 2014-07-24 05:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-17 10:14 - 2014-07-24 05:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-17 10:14 - 2014-07-24 05:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-17 10:14 - 2014-07-24 05:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-17 10:14 - 2014-07-24 05:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-17 10:14 - 2014-07-24 05:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-17 10:14 - 2014-07-24 05:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-17 10:14 - 2014-07-24 04:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-17 10:14 - 2014-07-24 04:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-17 10:14 - 2014-07-24 04:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-17 10:14 - 2014-07-24 04:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-17 10:14 - 2014-07-24 04:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-17 10:14 - 2014-07-24 04:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-17 10:14 - 2014-07-24 04:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-17 10:14 - 2014-07-24 04:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-17 10:14 - 2014-07-24 04:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-17 10:14 - 2014-07-24 03:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-17 10:14 - 2014-07-12 01:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-17 10:14 - 2014-07-12 00:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-17 10:14 - 2014-07-04 06:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-17 10:14 - 2014-05-29 00:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-17 10:13 - 2014-07-24 07:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-17 10:13 - 2014-07-24 06:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-17 10:13 - 2014-07-24 04:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-17 10:13 - 2014-07-24 04:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-17 10:13 - 2014-07-24 04:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-17 10:13 - 2014-07-09 19:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-17 10:07 - 2014-08-14 20:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-16 21:58 - 2014-09-16 21:58 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-16 21:58 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-16 21:57 - 2014-09-16 21:57 - 00000000 ____D () C:\Program Files\iPod
2014-09-16 21:56 - 2014-09-16 21:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-16 21:56 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files\iTunes
2014-09-16 21:56 - 2014-09-16 21:58 - 00000000 ____D () C:\Program Files (x86)\iTunes

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-13 21:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-13 20:26 - 2013-02-18 19:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2564139484-152270176-2040777850-1001
2014-10-13 20:17 - 2013-03-10 11:27 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job
2014-10-13 18:57 - 2013-01-26 21:24 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-10-13 18:55 - 2013-11-14 21:31 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F86F089A-20FB-4CE9-B888-5287C503C187}
2014-10-13 18:53 - 2014-03-01 21:55 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-10-13 18:53 - 2013-03-10 11:27 - 00002485 _____ () C:\Users\Brenda\Desktop\Google Chrome.lnk
2014-10-13 18:52 - 2014-08-12 23:17 - 00000000 __RDO () C:\Users\Brenda\OneDrive
2014-10-13 18:52 - 2014-08-04 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-13 16:30 - 2014-08-12 22:57 - 01644105 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-12 21:26 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-12 16:25 - 2014-03-18 06:03 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-12 16:21 - 2014-03-18 05:54 - 00045802 _____ () C:\WINDOWS\PFRO.log
2014-10-12 16:21 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-12 16:20 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-12 16:05 - 2012-07-26 01:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-12 14:35 - 2014-08-04 19:52 - 00119284 _____ () C:\Users\Brenda\Downloads\OTL.Txt
2014-10-11 20:21 - 2013-02-18 19:39 - 00000000 ____D () C:\Users\Brenda\AppData\Local\Packages
2014-10-11 19:29 - 2014-08-04 19:55 - 00207190 _____ () C:\Users\Brenda\Desktop\OTL.Txt
2014-10-10 21:16 - 2014-08-26 12:33 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-09 07:17 - 2013-03-10 11:27 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job
2014-10-05 22:43 - 2013-08-22 10:46 - 00289033 _____ () C:\WINDOWS\setupact.log
2014-09-30 18:01 - 2013-04-29 19:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-30 17:46 - 2013-06-26 12:52 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-30 15:37 - 2014-08-12 22:36 - 00000000 ____D () C:\Users\Brenda
2014-09-30 14:04 - 2013-08-22 10:44 - 00492000 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-24 19:26 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-23 23:05 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-22 02:42 - 2014-08-25 21:33 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-09-17 15:36 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-17 15:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-17 15:36 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-16 21:52 - 2013-03-04 20:37 - 00000000 ____D () C:\ProgramData\Apple
2014-09-14 18:17 - 2013-08-14 21:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-14 18:11 - 2013-02-19 21:38 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Brenda\AppData\Local\Temp\aexyfw5y.dll
C:\Users\Brenda\AppData\Local\Temp\bs.exe
C:\Users\Brenda\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Brenda\AppData\Local\Temp\drv54905.exe
C:\Users\Brenda\AppData\Local\Temp\ezndksyq.dll
C:\Users\Brenda\AppData\Local\Temp\HD_Quality_US_setup.exe
C:\Users\Brenda\AppData\Local\Temp\kbouiafk.dll
C:\Users\Brenda\AppData\Local\Temp\Launcher.exe
C:\Users\Brenda\AppData\Local\Temp\optprosetup.exe
C:\Users\Brenda\AppData\Local\Temp\Quarantine.exe
C:\Users\Brenda\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Brenda\AppData\Local\Temp\setup_399.exe
C:\Users\Brenda\AppData\Local\Temp\SHelp2.exe
C:\Users\Brenda\AppData\Local\Temp\sqlite3.dll
C:\Users\Brenda\AppData\Local\Temp\urz19io0.dll
C:\Users\Brenda\AppData\Local\Temp\xxecndju.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-12 16:38

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by Brenda at 2014-10-13 21:03:02
Running from C:\Users\Brenda\AppData\Local\Microsoft\Windows\INetCache\IE\YCJ2J57T
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
americanfallsss1.exe (HKLM\...\americanfallsss1_folder) (Version:  - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (Version: 15.0.4181 - AVG Technologies) Hidden
Beaches2012.scr (HKLM\...\Beaches2012_folder) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‎Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG6300 series User Registration (HKLM-x32\...\Canon MG6300 series User Registration) (Version:  - Canon Inc.‎)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CWA Reminder by We-Care.com v4.1.22.3 (HKLM-x32\...\{DB9BF6DA-8030-4A21-9FF4-8856A7556FCF}) (Version: 4.1.22.3 - We-Care.com)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.5 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.5 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.17 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
File Association Manager (HKLM-x32\...\FileAssociationManager) (Version: 0.5 - Amnis Technology Ltd)
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.76 - Google Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode3344) (Version: 1.1 - Media Buzz) <==== ATTENTION
Media Player (HKLM-x32\...\MediaPlayerV1alpha485) (Version: 1.1 - Media Player) <==== ATTENTION
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PopularScreensavers Toolbar and Software (HKLM-x32\...\PopularScreensavers_7ibar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6741 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Rich Media View (HKLM-x32\...\RichMediaViewV1release7142) (Version: 1.1 - Rich Media View) <==== ATTENTION
SereneScreen Marine Aquarium Lite (HKLM-x32\...\SereneScreen Marine Aquarium Lite_is1) (Version: 3.0 - Prolific Publishing, Inc.) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shopping Helper Smartbar (HKLM-x32\...\{C64BEB42-B25D-4674-BB55-4099CB720110}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{6f8946c3-3891-4254-b198-25b9c5482e15}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1014 - SUPERAntiSpyware.com)
SUPERAntiSpyware (HKLM-x32\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1016 - SUPERAntiSpyware.com)
SUPERAntiSpyware Free Download Packages (HKCU\...\SUPERAntiSpyware Free Download Packages) (Version:  - ) <==== ATTENTION
The Blu 2.0 (HKLM-x32\...\{BC8C6974-CECD-40E4-9553-287C555DE93A}_is1) (Version:  - Wemo Media Inc.)
Trust Media Viewer (HKLM-x32\...\TrustMediaViewerV1alpha2867) (Version: 1.1 - Trust Media Viewer) <==== ATTENTION
Update for Microsoft en-us Dictionary (Version: 16.1.1125.1 - Microsoft Corporation) Hidden
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - WebAppTech Coding, LLC) <==== ATTENTION
Video Player (HKLM-x32\...\Video Player) (Version: 1.1 - Video Player) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

24-09-2014 03:03:27 Windows Update
12-10-2014 00:10:46 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D52689E-40CA-4ED7-B0F2-1F2F7F543BD0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {1DD6CEDC-D88E-41CB-B4BE-FB511BF9186E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B4600B8-A5D7-47FD-ABB7-A813A87C5834} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-20] (Synaptics Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {46C3BF98-C8CA-4A09-8842-BF977E0E31FA} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {58A86AB7-2BB3-4AE9-800E-545F288C1F72} - System32\Tasks\OQERG => C:\Users\Brenda\AppData\Roaming\OQERG.exe <==== ATTENTION
Task: {5AD37204-F780-407A-9B62-C99FBB3BA1AC} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {5EFD183F-56FE-4E17-8D5A-84AFE5353CDC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-10] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {797626AF-8EC6-4E7B-811D-87DA6D2FBBCE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B0C48B0C-AF64-48F3-AEF4-60E35D25C751} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {B1244550-1DCE-4693-A8B1-1F44D0BFE049} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-10] (Google Inc.)
Task: {BACEDC5F-A09D-4A45-A450-599DEE4D58AC} - System32\Tasks\CIMT_S-1-5-21-2564139484-152270176-2040777850-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: {BBC681FC-C0F9-4CDD-901F-AA35B36F5726} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-14] (Microsoft Corporation)
Task: {BC915396-F911-440D-869F-6152A524777D} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C83E1518-B7B0-40DA-B597-95BB851BF5E9} - System32\Tasks\CYHPK => C:\Users\Brenda\AppData\Roaming\CYHPK.exe <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1355356-6CFB-4FAE-B949-A2243235209F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001Core.job => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2564139484-152270176-2040777850-1001UA.job => C:\Users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-01-26 21:19 - 2012-04-24 22:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-12-28 14:39 - 2012-12-28 14:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 14:36 - 2012-12-28 14:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 14:41 - 2012-12-28 14:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2013-01-26 20:05 - 2012-09-20 20:40 - 04875576 _____ () C:\Program Files\Synaptics\SynTP\DellTouchpad.exe
2012-12-28 14:42 - 2012-12-28 14:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-15 16:45 - 2014-09-15 16:45 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\8dd48af515d8e2453ca6d118ad35baeb\PSIClient.ni.dll
2013-01-26 21:10 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-01-26 21:18 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 15:34 - 2012-06-08 15:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Brenda\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\03342137.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\03342137.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKCU\...\StartupApproved\Run: => "Optimizer Pro"

========================= Accounts: ==========================

Administrator (S-1-5-21-2564139484-152270176-2040777850-500 - Administrator - Disabled)
Brenda (S-1-5-21-2564139484-152270176-2040777850-1001 - Administrator - Enabled) => C:\Users\Brenda
Guest (S-1-5-21-2564139484-152270176-2040777850-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2564139484-152270176-2040777850-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2014 07:54:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/13/2014 00:49:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BRENDAPC)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/12/2014 04:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Exception code: 0x40000015
Fault offset: 0x0007da8a
Faulting process id: 0x750
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5

Error: (10/12/2014 03:47:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363
Exception code: 0x40000015
Fault offset: 0x0007da8a
Faulting process id: 0x74c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5

Error: (10/12/2014 03:05:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17278, time stamp: 0x53eea0c3
Faulting module name: MSHTML.dll, version: 11.0.9600.17278, time stamp: 0x53eebbe7
Exception code: 0xc0000005
Fault offset: 0x00d0d661
Faulting process id: 0x288
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

System errors:
=============
Error: (10/13/2014 06:52:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/13/2014 00:58:37 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/13/2014 00:38:37 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/13/2014 00:32:37 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/13/2014 00:03:43 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/13/2014 11:47:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (10/13/2014 00:49:43 AM) (Source: DCOM) (EventID: 10010) (User: BRENDAPC)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa

Error: (10/12/2014 07:05:27 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/12/2014 06:57:27 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Error: (10/12/2014 06:39:23 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

Microsoft Office Sessions:
=========================
Error: (10/13/2014 07:54:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/13/2014 00:49:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BRENDAPC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (10/12/2014 04:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a75001cfe65a18651d9eC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe5f4de2d7-524d-11e4-bef7-34238732788c

Error: (10/12/2014 03:47:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a74c01cfe65559a37280C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exea08d588f-5248-11e4-bef6-34238732788c

Error: (10/12/2014 03:05:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1727853eea0c3MSHTML.dll11.0.9600.1727853eebbe7c000000500d0d66128801cfe64f505c7226C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\MSHTML.dllc8ea84bc-5242-11e4-bef5-34238732788c

CodeIntegrity Errors:
===================================
  Date: 2014-10-13 13:52:25.073
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:52:24.932
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:59.409
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:57.654
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:54.341
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:52.794
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:49.872
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:47.339
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:45.948
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-13 13:50:44.447
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel® Pentium® CPU 2127U @ 1.90GHz
Percentage of memory in use: 67%
Total physical RAM: 3977.27 MB
Available physical RAM: 1282.14 MB
Total Pagefile: 6153.27 MB
Available Pagefile: 3280.79 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.9 GB) (Free:337.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A5E300A5)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

Hope I did this right

 

Brenda


  • 0

#10
zep516
Posted 13 October 2014 - 08:01 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

You did it right.

Perhaps you can explain. I see AVG 2015 (Version: 15.0.4181 - AVG in your programs uninstall list, but I fail to see it running in the log report ?

The next thing to do is to uninstall some programs from your uninstall programs list if found. See list below.
  • PopularScreensavers Toolbar and Software (HKLM-x32\...\PopularScreensavers_7ibar Uninstall) (Version: - Mindspark Interactive Network)
  • Rich Media View (HKLM-x32\...\RichMediaViewV1release7142) (Version: 1.1 - Rich Media View)
  • SereneScreen Marine Aquarium Lite (HKLM-x32\...\SereneScreen Marine Aquarium Lite_is1) (Version: 3.0 - Prolific Publishing, Inc.
  • Shopping Helper Smartbar (HKLM-x32\...\{C64BEB42-B25D-4674-BB55-4099CB720110}) (Version: 11.113.63.19229 - ReSoft Ltd.
  • Trust Media Viewer
  • Video Player (HKLM-x32\...\Video Player) (Version: 1.1 - Video Player
Next

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.




GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
start
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
FF HKCU\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha485\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha221\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha1935\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9027\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home831\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ff [Not Found]
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
CHR HKLM-x32\...\Chrome\Extension: [ianbobkeplelligeejgeljdfdgljcnjl] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta1213\ch\VideoPlayerV3beta1213.crx []
CHR HKLM-x32\...\Chrome\Extension: [iebkideapflccachklgbeinjhfeigamo] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode3344\ch\MediaBuzzV1mode3344.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpkodcagkabdilcecgmpjjlbajkjfajb] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release7142\ch\RichMediaViewV1release7142.crx []
CHR HKLM-x32\...\Chrome\Extension: [plhgnpoeaalmacnhdejkkleickcjfofa] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2867\ch\TrustMediaViewerV1alpha2867.crx []
CHR HKLM-x32\...\Chrome\Extension: [gdnhodjhmdahknapajgfmhlghadbnpik] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha42\ch\WebexpEnhancedV1alpha42.crx []
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
2014-10-10 13:17 - 2014-10-10 13:17 - 00004368 _____ () C:\WINDOWS\System32\Tasks\CYHPK
2014-10-10 13:16 - 2014-10-10 13:16 - 00004364 _____ () C:\WINDOWS\System32\Tasks\OQERG
2014-10-10 13:18 - 2014-10-10 13:18 - 00003858 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineUA
2014-10-10 13:18 - 2014-10-10 13:18 - 00003622 _____ () C:\WINDOWS\System32\Tasks\ConsumerInputUpdateTaskMachineCore
2014-10-10 13:18 - 2014-10-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for Consumer Input
C:\Users\Brenda\AppData\Local\Temp\aexyfw5y.dll
C:\Users\Brenda\AppData\Local\Temp\bs.exe
C:\Users\Brenda\AppData\Local\Temp\ConsumerInputSetup.exe
C:\Users\Brenda\AppData\Local\Temp\drv54905.exe
C:\Users\Brenda\AppData\Local\Temp\ezndksyq.dll
C:\Users\Brenda\AppData\Local\Temp\HD_Quality_US_setup.exe
C:\Users\Brenda\AppData\Local\Temp\kbouiafk.dll
C:\Users\Brenda\AppData\Local\Temp\Launcher.exe
C:\Users\Brenda\AppData\Local\Temp\optprosetup.exe
C:\Users\Brenda\AppData\Local\Temp\Quarantine.exe
C:\Users\Brenda\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Brenda\AppData\Local\Temp\setup_399.exe
C:\Users\Brenda\AppData\Local\Temp\SHelp2.exe
C:\Users\Brenda\AppData\Local\Temp\sqlite3.dll
C:\Users\Brenda\AppData\Local\Temp\urz19io0.dll
C:\Users\Brenda\AppData\Local\Temp\xxecndju.dll
CustomCLSID: HKU\S-1-5-21-2564139484-152270176-2040777850-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Brenda\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
Task: {1DD6CEDC-D88E-41CB-B4BE-FB511BF9186E} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe
Task: {58A86AB7-2BB3-4AE9-800E-545F288C1F72} - System32\Tasks\OQERG => C:\Users\Brenda\AppData\Roaming\OQERG.exe <==== ATTENTION
S2 Update Krab Web; "C:\Program Files (x86)\Krab Web\updateKrabWeb.exe" [X]
C:\Program Files (x86)\Krab Web\updateKrabWeb.exe[X]
EmptyTemp:
reboot:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.


Post the fixlog.txt in your next reply.

Joe
  • 0

Advertisements

#11
Brenda50
Posted 13 October 2014 - 10:27 PM

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe,

 

The FRST is still fixing after 2 hours. Is this normal?  I hope I didn't mess it up.  As for AVG I think I didn't complete the download because the site was trying to get me to download a downloader program and a toolbar I wasn't sure about. I have gottin very paranoid lately about downloads so I panicked and did complete the download. 

 

Brenda


  • 0

#12
zep516
Posted 14 October 2014 - 01:46 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello

No that is not normal. Let me know where it is. We need to get an Anti Virus on the machine. I gave you a link for Microsoft Security Essentials please install it. The we will uninstall AVG I'll give instructions for that.

Thanks
Joe :)
  • 0

#13
Brenda50
Posted 14 October 2014 - 06:09 PM

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe 

 

Sorry for the delay.  I have Windows Defender on here should I still download  the Essentials?


  • 0

#14
zep516
Posted 14 October 2014 - 06:16 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Yes. Download Essentials and install it. Very simple effective program. It also may want you to do a first time scan.

Let me know when you have done that.

Thanks
Joe :)
  • 0

#15
Brenda50
Posted 16 October 2014 - 02:46 PM

Brenda50

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Hi Joe

 

Sorry for the delay but apparently I can't download Windows Security Essentials to my PC because it is running windows 8.1.  However I did run Windows Defender which did a scan for 10 hours and removed  3 threats  a Trojan, a worm and some other one but I couldn't out how to get the log to show you.  In addition I uninstalled the other programs you said to except Shopping Helper Smartbar engine.  It won't uninstall.  Along with another one called We-Care won't uninstall.

 

Thank for your patience.

Brenda


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP